summaryrefslogtreecommitdiffstats
path: root/Modules/cjkcodecs
diff options
context:
space:
mode:
authorXiang Zhang <angwerzx@126.com>2017-05-09 03:38:32 (GMT)
committerGitHub <noreply@github.com>2017-05-09 03:38:32 (GMT)
commit9da408d15bdef624a5632182cb4edf98001fa82f (patch)
tree55707952ef7b86c4c333122add2bc27101c27ef0 /Modules/cjkcodecs
parentfa5abac1e6cd74979557d5a6f960a55f40a10b0e (diff)
downloadcpython-9da408d15bdef624a5632182cb4edf98001fa82f.zip
cpython-9da408d15bdef624a5632182cb4edf98001fa82f.tar.gz
cpython-9da408d15bdef624a5632182cb4edf98001fa82f.tar.bz2
bpo-29990: Fix range checking in GB18030 decoder (#1495)
When decoding a 4-byte GB18030 sequence, the first and third byte cannot exceed 0xFE.
Diffstat (limited to 'Modules/cjkcodecs')
-rw-r--r--Modules/cjkcodecs/_codecs_cn.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/Modules/cjkcodecs/_codecs_cn.c b/Modules/cjkcodecs/_codecs_cn.c
index 1a070f2..bda175c 100644
--- a/Modules/cjkcodecs/_codecs_cn.c
+++ b/Modules/cjkcodecs/_codecs_cn.c
@@ -279,7 +279,9 @@ DECODER(gb18030)
REQUIRE_INBUF(4);
c3 = INBYTE3;
c4 = INBYTE4;
- if (c < 0x81 || c3 < 0x81 || c4 < 0x30 || c4 > 0x39)
+ if (c < 0x81 || c > 0xFE ||
+ c3 < 0x81 || c3 > 0xFE ||
+ c4 < 0x30 || c4 > 0x39)
return 1;
c -= 0x81; c2 -= 0x30;
c3 -= 0x81; c4 -= 0x30;