utf8.c 21 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581
  1. /* Copyright (C) 2001 by Eric Kidd. All rights reserved.
  2. **
  3. ** Redistribution and use in source and binary forms, with or without
  4. ** modification, are permitted provided that the following conditions
  5. ** are met:
  6. ** 1. Redistributions of source code must retain the above copyright
  7. ** notice, this list of conditions and the following disclaimer.
  8. ** 2. Redistributions in binary form must reproduce the above copyright
  9. ** notice, this list of conditions and the following disclaimer in the
  10. ** documentation and/or other materials provided with the distribution.
  11. ** 3. The name of the author may not be used to endorse or promote products
  12. ** derived from this software without specific prior written permission.
  13. **
  14. ** THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  15. ** ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  16. ** IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  17. ** ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  18. ** FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  19. ** DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  20. ** OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  21. ** HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  22. ** LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  23. ** OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  24. ** SUCH DAMAGE. */
  25. /*=========================================================================
  26. ** XML-RPC UTF-8 Utilities
  27. **=========================================================================
  28. ** Routines for validating, encoding and decoding UTF-8 data. We try to
  29. ** be very, very strict about invalid UTF-8 data.
  30. **
  31. ** All of the code in this file assumes that your machine represents
  32. ** wchar_t as a 16-bit (or wider) character containing UCS-2 data. If this
  33. ** assumption is incorrect, you may need to replace this file.
  34. **
  35. ** For lots of information on Unicode and UTF-8 decoding, see:
  36. ** http://www.cl.cam.ac.uk/~mgk25/unicode.html
  37. */
  38. #include <assert.h>
  39. #include "int.h"
  40. #include "xmlrpc_config.h"
  41. #include "bool.h"
  42. #include "xmlrpc-c/base.h"
  43. /*=========================================================================
  44. ** Tables and Constants
  45. **=========================================================================
  46. ** We use a variety of tables and constants to help decode and validate
  47. ** UTF-8 data.
  48. */
  49. static unsigned char utf8SeqLength[256] = {
  50. /* utf8SeqLength[B] is the number of bytes in a UTF-8 sequence that starts
  51. with byte B. Except zero indicates an illegal initial byte.
  52. Fredrik Lundh's UTF-8 decoder Python 2.0 uses a similar table. But since
  53. Python 2.0 has the icky CNRI license, I generated this table from scratch
  54. and wrote my own decoder.
  55. */
  56. /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
  57. /* 0 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  58. /* 1 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  59. /* 2 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  60. /* 3 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  61. /* 4 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  62. /* 5 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  63. /* 6 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  64. /* 7 */ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
  65. /* 8 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  66. /* 9 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  67. /* A */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  68. /* B */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
  69. /* C */ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
  70. /* D */ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
  71. /* E */ 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3,
  72. /* F */ 4, 4, 4, 4, 4, 4, 4, 4, 5, 5, 5, 5, 6, 6, 0, 0
  73. };
  74. /* The minimum legal character value for a UTF-8 sequence of the given
  75. ** length. We have to check this to avoid accepting "overlong" UTF-8
  76. ** sequences, which use more bytes than necessary to encode a given
  77. ** character. Such sequences are commonly used by evil people to bypass
  78. ** filters and security checks. This table is based on the UTF-8-test.txt
  79. ** file by Markus Kuhn <mkuhn@acm.org>. */
  80. static uint32_t const utf8_min_char_for_length[] = {
  81. 0, /* Length 0: Not used (meaningless) */
  82. 0x0000, /* Length 1: Not used (special-cased) */
  83. 0x0080, /* Length 2 */
  84. 0x0800, /* Length 3 */
  85. 0x00010000, /* Length 4 */
  86. 0x00200000, /* Length 5 */
  87. 0x04000000 /* Length 6 */
  88. };
  89. /* This is the maximum legal 16-byte (UCS-2) character. Again, this
  90. ** information is based on UTF-8-test.txt. */
  91. #define UCS2_MAX_LEGAL_CHARACTER (0xFFFD)
  92. /* First and last UTF-16 surrogate characters. These are *not* legal UCS-2
  93. ** characters--they're used to code for UCS-4 characters when using
  94. ** UTF-16. They should never appear in decoded UTF-8 data! Again, these
  95. ** could hypothetically be used to bypass security measures on some machines.
  96. ** Based on UTF-8-test.txt. */
  97. #define UTF16_FIRST_SURROGATE (0xD800)
  98. #define UTF16_LAST_SURROGATE (0xDFFF)
  99. /* Is the character 'c' a UTF-8 continuation character? */
  100. #define IS_CONTINUATION(c) (((c) & 0xC0) == 0x80)
  101. #define MAX_ENCODED_BYTES (3)
  102. /* Maximum number of bytes needed to encode in UTF-8 a character
  103. in the Basic Multilingual Plane.
  104. */
  105. #if HAVE_UNICODE_WCHAR
  106. static void
  107. validateContinuation(xmlrpc_env * const envP,
  108. char const c) {
  109. if (!IS_CONTINUATION(c))
  110. xmlrpc_env_set_fault_formatted(
  111. envP, XMLRPC_INVALID_UTF8_ERROR,
  112. "UTF-8 multibyte sequence contains character 0x%02x, "
  113. "which does not indicate continuation.", c);
  114. }
  115. static void
  116. validateUtf16(xmlrpc_env * const envP,
  117. wchar_t const wc) {
  118. if (wc > UCS2_MAX_LEGAL_CHARACTER)
  119. xmlrpc_env_set_fault_formatted(
  120. envP, XMLRPC_INVALID_UTF8_ERROR,
  121. "UCS-2 characters > U+FFFD are illegal. String contains 0x%04x",
  122. (unsigned)wc);
  123. else if (UTF16_FIRST_SURROGATE <= wc && wc <= UTF16_LAST_SURROGATE)
  124. xmlrpc_env_set_fault_formatted(
  125. envP, XMLRPC_INVALID_UTF8_ERROR,
  126. "UTF-16 surrogates may not appear in UTF-8 data. "
  127. "String contains %04x", (unsigned)wc);
  128. }
  129. /* Microsoft Visual C in debug mode produces code that complains about
  130. returning an undefined value from xmlrpc_datetime_new_str(). It's a bogus
  131. complaint, because this function is defined to return nothing meaningful
  132. those cases. So we disable the check.
  133. */
  134. #pragma runtime_checks("u", off)
  135. static void
  136. decodeMultibyte(xmlrpc_env * const envP,
  137. const char * const utf8_seq,
  138. size_t const length,
  139. wchar_t * const wcP) {
  140. /*----------------------------------------------------------------------------
  141. Decode the multibyte UTF-8 sequence which is 'length' characters
  142. at 'utf8_data'.
  143. Return the character in UTF-16 format as *wcP.
  144. -----------------------------------------------------------------------------*/
  145. wchar_t wc;
  146. assert(utf8_seq[0] & 0x80); /* High bit set: this is multibyte seq */
  147. switch (length) {
  148. case 2:
  149. /* 110xxxxx 10xxxxxx */
  150. validateContinuation(envP, utf8_seq[1]);
  151. if (!envP->fault_occurred)
  152. wc = ((((wchar_t) (utf8_seq[0] & 0x1F)) << 6) |
  153. (((wchar_t) (utf8_seq[1] & 0x3F))));
  154. break;
  155. case 3:
  156. /* 1110xxxx 10xxxxxx 10xxxxxx */
  157. validateContinuation(envP, utf8_seq[1]);
  158. if (!envP->fault_occurred) {
  159. validateContinuation(envP, utf8_seq[2]);
  160. if (!envP->fault_occurred)
  161. wc = ((((wchar_t) (utf8_seq[0] & 0x0F)) << 12) |
  162. (((wchar_t) (utf8_seq[1] & 0x3F)) << 6) |
  163. (((wchar_t) (utf8_seq[2] & 0x3F))));
  164. }
  165. break;
  166. case 4:
  167. /* 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */
  168. case 5:
  169. /* 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx */
  170. case 6:
  171. /* 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx */
  172. /* This would require more than 16 bits in UTF-16, so
  173. it can't be represented in UCS-2, so it's beyond
  174. our capability. Characters in the BMP fit in 16
  175. bits.
  176. */
  177. xmlrpc_env_set_fault_formatted(
  178. envP, XMLRPC_INVALID_UTF8_ERROR,
  179. "UTF-8 string contains a character not in the "
  180. "Basic Multilingual Plane (first byte 0x%02x)",
  181. utf8_seq[0]);
  182. break;
  183. default:
  184. xmlrpc_faultf(envP,
  185. "Internal error: Impossible UTF-8 sequence length %u",
  186. (unsigned)length);
  187. }
  188. if (!envP->fault_occurred)
  189. validateUtf16(envP, wc);
  190. if (!envP->fault_occurred)
  191. if ((uint32_t)wc < utf8_min_char_for_length[length])
  192. xmlrpc_env_set_fault_formatted(
  193. envP, XMLRPC_INVALID_UTF8_ERROR,
  194. "Overlong UTF-8 sequence not allowed");
  195. *wcP = wc;
  196. }
  197. #pragma runtime_checks("u", restore)
  198. static void
  199. decodeUtf8(xmlrpc_env * const envP,
  200. const char * const utf8_data,
  201. size_t const utf8_len,
  202. wchar_t * const ioBuff,
  203. size_t * const outBuffLenP) {
  204. /*----------------------------------------------------------------------------
  205. Decode to UCS-2 (or validate as UTF-8 that can be decoded to UCS-2)
  206. a UTF-8 string. To validate, set ioBuff and outBuffLenP to NULL.
  207. To decode, allocate a sufficiently large buffer, pass it as ioBuff,
  208. and pass a pointer as as outBuffLenP. The data will be written to
  209. the buffer, and the length to outBuffLenP.
  210. We assume that wchar_t holds a single UCS-2 character in native-endian
  211. byte ordering.
  212. -----------------------------------------------------------------------------*/
  213. size_t utf8Cursor;
  214. size_t outPos;
  215. XMLRPC_ASSERT_ENV_OK(envP);
  216. XMLRPC_ASSERT_PTR_OK(utf8_data);
  217. XMLRPC_ASSERT((!ioBuff && !outBuffLenP) || (ioBuff && outBuffLenP));
  218. for (utf8Cursor = 0, outPos = 0;
  219. utf8Cursor < utf8_len && !envP->fault_occurred;
  220. ) {
  221. char const init = utf8_data[utf8Cursor];
  222. /* Initial byte of the UTF-8 sequence */
  223. wchar_t wc;
  224. if ((init & 0x80) == 0x00) {
  225. /* Convert ASCII character to wide character. */
  226. wc = init;
  227. ++utf8Cursor;
  228. } else {
  229. /* Look up the length of this UTF-8 sequence. */
  230. size_t const length = utf8SeqLength[(unsigned char) init];
  231. if (length == 0)
  232. xmlrpc_env_set_fault_formatted(
  233. envP, XMLRPC_INVALID_UTF8_ERROR,
  234. "Unrecognized UTF-8 initial byte value 0x%02x", init);
  235. else {
  236. /* Make sure we have enough bytes to convert. */
  237. if (utf8Cursor + length > utf8_len) {
  238. xmlrpc_env_set_fault_formatted(
  239. envP, XMLRPC_INVALID_UTF8_ERROR,
  240. "Invalid UTF-8 sequence indicates a %u-byte sequence "
  241. "when only %u bytes are left in the string",
  242. (unsigned)length, (unsigned)(utf8_len - utf8Cursor));
  243. } else {
  244. decodeMultibyte(envP, &utf8_data[utf8Cursor], length, &wc);
  245. /* Advance to the end of the sequence. */
  246. utf8Cursor += length;
  247. }
  248. }
  249. }
  250. if (!envP->fault_occurred) {
  251. /* If we have a buffer, write our character to it. */
  252. if (ioBuff)
  253. ioBuff[outPos++] = wc;
  254. }
  255. }
  256. if (outBuffLenP)
  257. *outBuffLenP = envP->fault_occurred ? 0 : outPos;
  258. }
  259. xmlrpc_mem_block *
  260. xmlrpc_utf8_to_wcs(xmlrpc_env * const envP,
  261. const char * const utf8_data,
  262. size_t const utf8_len) {
  263. /*----------------------------------------------------------------------------
  264. Decode UTF-8 string to a "wide character string". This function
  265. returns an xmlrpc_mem_block with an element type of wchar_t. Don't
  266. try to intepret the block in a bytewise fashion--it won't work in
  267. any useful or portable fashion.
  268. For backward compatibility, we return a meaningful value even when we
  269. fail. We return NULL when we fail.
  270. -----------------------------------------------------------------------------*/
  271. xmlrpc_mem_block * wcsP;
  272. size_t wcs_length;
  273. /* Allocate a memory block large enough to hold any possible output.
  274. We assume that each byte of the input may decode to a whcar_t.
  275. */
  276. wcsP = XMLRPC_MEMBLOCK_NEW(wchar_t, envP, utf8_len);
  277. if (!envP->fault_occurred) {
  278. /* Decode the UTF-8 data. */
  279. decodeUtf8(envP, utf8_data, utf8_len,
  280. XMLRPC_MEMBLOCK_CONTENTS(wchar_t, wcsP),
  281. &wcs_length);
  282. if (!envP->fault_occurred) {
  283. /* We can't have overrun our buffer. */
  284. XMLRPC_ASSERT(wcs_length <= utf8_len);
  285. /* Correct the length of the memory block. */
  286. XMLRPC_MEMBLOCK_RESIZE(wchar_t, envP, wcsP, wcs_length);
  287. }
  288. if (envP->fault_occurred)
  289. XMLRPC_MEMBLOCK_FREE(wchar_t, wcsP);
  290. }
  291. if (envP->fault_occurred)
  292. return NULL;
  293. else
  294. return wcsP;
  295. }
  296. xmlrpc_mem_block *
  297. xmlrpc_wcs_to_utf8(xmlrpc_env * const envP,
  298. const wchar_t * const wcs_data,
  299. size_t const wcs_len) {
  300. /*----------------------------------------------------------------------------
  301. Encode a "wide character string" as UTF-8.
  302. For backward compatibility, we return a meaningful value even when we
  303. fail. We return NULL when we fail.
  304. -----------------------------------------------------------------------------*/
  305. size_t const estimate = wcs_len * MAX_ENCODED_BYTES;
  306. /* Our conservative estimate of how big the output will be;
  307. i.e. we know it won't be larger than this. For the estimate,
  308. we assume that every wchar might encode to the maximum length.
  309. */
  310. xmlrpc_mem_block * utf8P;
  311. XMLRPC_ASSERT_ENV_OK(envP);
  312. XMLRPC_ASSERT_PTR_OK(wcs_data);
  313. utf8P = XMLRPC_MEMBLOCK_NEW(char, envP, estimate);
  314. if (!envP->fault_occurred) {
  315. unsigned char * const buffer =
  316. XMLRPC_MEMBLOCK_CONTENTS(unsigned char, utf8P);
  317. size_t bytesUsed;
  318. size_t i;
  319. bytesUsed = 0;
  320. for (i = 0; i < wcs_len && !envP->fault_occurred; ++i) {
  321. wchar_t const wc = wcs_data[i];
  322. if (wc <= 0x007F)
  323. buffer[bytesUsed++] = wc & 0x7F;
  324. else if (wc <= 0x07FF) {
  325. /* 110xxxxx 10xxxxxx */
  326. buffer[bytesUsed++] = 0xC0 | (wc >> 6);
  327. buffer[bytesUsed++] = 0x80 | (wc & 0x3F);
  328. } else if (wc <= 0xFFFF) {
  329. /* 1110xxxx 10xxxxxx 10xxxxxx */
  330. buffer[bytesUsed++] = 0xE0 | (wc >> 12);
  331. buffer[bytesUsed++] = 0x80 | ((wc >> 6) & 0x3F);
  332. buffer[bytesUsed++] = 0x80 | (wc & 0x3F);
  333. } else
  334. xmlrpc_faultf(envP,
  335. "Don't know how to encode UCS-4 characters yet");
  336. }
  337. if (!envP->fault_occurred) {
  338. XMLRPC_ASSERT(bytesUsed <= estimate);
  339. XMLRPC_MEMBLOCK_RESIZE(char, envP, utf8P, bytesUsed);
  340. }
  341. if (envP->fault_occurred)
  342. XMLRPC_MEMBLOCK_FREE(char, utf8P);
  343. }
  344. if (envP->fault_occurred)
  345. return NULL;
  346. else
  347. return utf8P;
  348. }
  349. #else /* HAVE_UNICODE_WCHAR */
  350. xmlrpc_mem_block *
  351. xmlrpc_utf8_to_wcs(xmlrpc_env * const envP,
  352. const char * const utf8_data ATTR_UNUSED,
  353. size_t const utf8_len ATTR_UNUSED) {
  354. xmlrpc_faultf(envP, "INTERNAL ERROR: xmlrpc_utf8_to_wcs() called "
  355. "on a system that doesn't do Unicode!");
  356. return NULL;
  357. }
  358. #endif /* HAVE_UNICODE_WCHAR */
  359. void
  360. xmlrpc_force_to_utf8(char * const buffer) {
  361. /*----------------------------------------------------------------------------
  362. Force the contents of 'buffer' to be valid UTF-8, any way possible.
  363. The buffer ends with a NUL character, and the mutation does not make
  364. it longer.
  365. The most common reason for a string that's supposed to be UTF-8 not
  366. to be UTF-8 is that it was supposed to be ASCII but instead
  367. includes garbage with the high bit on (ASCII characters always have
  368. the high bit off), or maybe a primitive 8-bit ASCII extension.
  369. Therefore, we force it to UTF-8 by replacing some bytes that have
  370. the high bit set with DEL (0x7F). That would leave the other
  371. characters meaningful.
  372. -----------------------------------------------------------------------------*/
  373. char * p;
  374. for (p = &buffer[0]; *p;) {
  375. unsigned int const length = utf8SeqLength[(unsigned char) *p];
  376. bool forceDel;
  377. uint32_t decoded;
  378. forceDel = false; /* initial value */
  379. switch (length) {
  380. case 1:
  381. /* One-byte UTF-8 characters are easy. */
  382. decoded = *p;
  383. break;
  384. case 2:
  385. /* 110xxxxx 10xxxxxx */
  386. if (!*(p+1) || !(*p+2))
  387. forceDel = true;
  388. else if (!IS_CONTINUATION(*(p+1)))
  389. forceDel = true;
  390. else
  391. decoded =
  392. ((uint32_t)(*(p+0) & 0x1F) << 6) |
  393. ((uint32_t)(*(p+1) & 0x3F) << 0);
  394. break;
  395. case 3:
  396. /* 1110xxxx 10xxxxxx 10xxxxxx */
  397. if (!*(p+1) || !(*p+2) || !(*p+3))
  398. forceDel = true;
  399. else if (!IS_CONTINUATION(*(p+1)) || !IS_CONTINUATION(*(p+2)))
  400. forceDel = true;
  401. else
  402. decoded =
  403. ((uint32_t)(*(p+0) & 0x0F) << 12) |
  404. ((uint32_t)(*(p+1) & 0x3F) << 6) |
  405. ((uint32_t)(*(p+2) & 0x3F) << 0);
  406. break;
  407. default:
  408. forceDel = true;
  409. }
  410. if (!forceDel) {
  411. if (decoded > UCS2_MAX_LEGAL_CHARACTER)
  412. forceDel = true;
  413. else if (UTF16_FIRST_SURROGATE <= decoded &&
  414. decoded <= UTF16_LAST_SURROGATE)
  415. forceDel = true;
  416. else if (decoded < utf8_min_char_for_length[length])
  417. forceDel = true;
  418. }
  419. if (forceDel) {
  420. /* Not a valid UTF-8 character, so replace the first byte
  421. with a nice simple ASCII DEL.
  422. */
  423. *p = 0x7F;
  424. p += 1;
  425. } else
  426. p += length;
  427. }
  428. }
  429. void
  430. xmlrpc_force_to_xml_chars(char * const buffer) {
  431. /*----------------------------------------------------------------------------
  432. Modify 'buffer' so that it contains nothing but valid XML
  433. characters. The buffer ends with a NUL character, and the mutation
  434. does not make it longer.
  435. Note that the valid characters in an XML document are all Unicode
  436. codepoints except the ASCII control characters, plus CR, LF, and
  437. Tab.
  438. We change all non-XML characters to DEL (0x7F).
  439. Assume input is valid UTF-8.
  440. -----------------------------------------------------------------------------*/
  441. char * p;
  442. for (p = &buffer[0]; *p;) {
  443. unsigned int const length = utf8SeqLength[(unsigned char) *p];
  444. if (length == 1) {
  445. if (*p < 0x20 && *p != '\r' && *p != '\n' && *p != '\t')
  446. /* Not valid XML. Force to DEL */
  447. *p = 0x7f;
  448. } else {
  449. /* We assume here that all other UTF-8 characters are
  450. valid XML, but it's apparently not actually true.
  451. */
  452. }
  453. {
  454. unsigned int i;
  455. /* Advance to next UTF-8 character */
  456. for (i = 0; i < length && *p; ++i)
  457. ++p;
  458. }
  459. }
  460. }
  461. void
  462. xmlrpc_validate_utf8(xmlrpc_env * const envP,
  463. const char * const utf8_data,
  464. size_t const utf8_len) {
  465. /*----------------------------------------------------------------------------
  466. Validate that a string is valid UTF-8.
  467. -----------------------------------------------------------------------------*/
  468. xmlrpc_env env;
  469. xmlrpc_env_init(&env);
  470. #if HAVE_UNICODE_WCHAR
  471. decodeUtf8(&env, utf8_data, utf8_len, NULL, NULL);
  472. #else
  473. /* We don't have a convenient way to validate, so we just fake it and
  474. call it valid.
  475. */
  476. #endif
  477. if (env.fault_occurred) {
  478. xmlrpc_env_set_fault_formatted(
  479. envP, XMLRPC_INVALID_UTF8_ERROR,
  480. "%" XMLRPC_PRId64 "-byte "
  481. "supposed UTF-8 string is not valid UTF-8. %s",
  482. (XMLRPC_INT64)utf8_len, env.fault_string);
  483. }
  484. xmlrpc_env_clean(&env);
  485. }