[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: UTF-8 validation
- From: "Cezary H. Noweta" <chn@...>
- Date: Wed, 09 Dec 2015 23:55:51 +0100
Hello,
In the Lua's core I have not found a way to validating UTF-8 strings
coming from unknown sources. According to the Unicode Standard and UTR
#36 (http://www.unicode.org/reports/tr36/#UTF-8_Exploit). A build-in
implementation does not detect a non-shortest form.
I have implemented a function utf8.validate(s [, allowlongnul [,
allowsurrogates]]), which takes a string, silently gets rid of invalid
trash, and returns a perfectly valid UTF-8 string together with a
boolean value which determines if the source string contained valid
characters only. Optional parameter ,,allowlongnul'' is for supporting
Java's embedded NULs ('\xC0\x80'), and ,,allowsurrogates'' is for 16-bit
Windows remnants which until Win98 (or even WinME, AFAIR) did not
supported unicode characters beyond BMP. In both cases, the problematic
sequences are converted to valid UTF-8 sequences, for example:
utf8.validate('\xC0\x80abc'); -- => 'abc' false
utf8.validate('\xC0\x80abc', true); -- => '\x00abc' true
If you found above useful then take an attached ``lutf8lib.c''. The file
is originally taken from Lua 5.3.2 and everything what was added is
between ``/* CHN BEGIN */'' and ``/* CHN END */''.
-- best regards
Cezary H. Noweta
/*
** $Id: lutf8lib.c,v 1.15 2015/03/28 19:16:55 roberto Exp $
** Standard library for UTF-8 manipulation
** See Copyright Notice in lua.h
*/
#define lutf8lib_c
#define LUA_LIB
#include "lprefix.h"
#include <assert.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include "lua.h"
#include "lauxlib.h"
#include "lualib.h"
#define MAXUNICODE 0x10FFFF
#define iscont(p) ((*(p) & 0xC0) == 0x80)
/* CHN BEGIN */
static size_t recode(char **d, size_t *dLen, const char **o, size_t *oLen, int bLongNuls, int bSurrogates)
{
const unsigned char *s = (const unsigned char *)o[0];
if ( 0x80 > s[0] ) {
/* One-byte code */
d[0][0] = o[0][0];
d[0] = &d[0][1];
++dLen[0];
o[0] = &o[0][1];
--oLen[0];
return 1;
}
if ( 0xC2 <= s[0] && 0xF4 >= s[0] ) {
const static size_t numBytes[] = {
2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, /* 0xC0 */
2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, /* 0xD0 */
3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, /* 0xE0 */
4, 4, 4, 4, 4 /* 0xF0 */
};
size_t n = numBytes[s[0] - 0xC2];
if ( (size_t)n <= oLen[0] ) {
/* Let's test the second byte */
switch ( s[0] ) {
for ( ; ; ) {
/* The second byte is valid */
switch ( n ) {
case 4:
if ( 0 == iscont(&s[3]) ) {
break;
}
d[0][3] = o[0][3];
case 3:
if ( 0 == iscont(&s[2]) ) {
break;
}
d[0][2] = o[0][2];
default:
d[0][1] = o[0][1];
d[0][0] = o[0][0];
d[0] = &d[0][n];
dLen[0] += n;
o[0] = &o[0][n];
oLen[0] -= n;
return n;
}
break;
case 0xE0:
if ( 0xA0 > s[1] || 0xBF < s[1] ) {
break;
}
continue;
case 0xED:
if ( 0x80 > s[1] || 0x9F < s[1] ) {
break;
}
continue;
case 0xF0:
if ( 0x90 > s[1] || 0xBF < s[1] ) {
break;
}
continue;
case 0xF4:
if ( 0x80 > s[1] || 0x8F < s[1] ) {
break;
}
continue;
default:
if ( 0 == iscont(&s[1]) ) {
break;
}
}
}
}
}
/* Java's embedded nul char */
if ( 0 != bLongNuls && 2 <= oLen[0] && 0xC0 == s[0] && 0x80 == s[1] ) {
d[0][0] = '\0';
d[0] = &d[0][1];
++dLen[0];
o[0] = &o[0][2];
oLen[0] -= 2;
return 1;
}
/* Win16 does not support surrogates */
if ( 0 != bSurrogates && 6 <= oLen[0] &&
0xED == s[0] && 0xA0 == (0xF0 & s[1]) && 0 != iscont(&s[2]) &&
0xED == s[3] && 0xB0 == (0xF0 & s[4]) && 0 != iscont(&s[5]) ) {
/*
Let's recode surrogates:
0xED 1010wwww 10cccccc 0xED 1011bbbb 10aaaaaa
into
11110uuu 10uucccc 10ccbbbb 10aaaaaa
where uuuuu = wwww + 1
ATTENTION! If default char is signed, then conversion to char
from unsigned char can result in an implementation-defined
behaviour or in an implementation-defined signal raised,
so let's try to avoid unsigned char => char conversion.
[ISO 9899:1999 6.3.1.3]
*/
((unsigned char *)d[0])[0] = (unsigned char)(0xD8 ^ (s[1] + 1) >> 2);
((unsigned char *)d[0])[1] = (unsigned char)(0x80 | (0x03 & s[1] + 1) << 4 | 0x0F & s[2] >> 2);
((unsigned char *)d[0])[2] = (unsigned char)(0xCF & s[4] | (0x03 & s[2]) << 4);
d[0][3] = o[0][5];
d[0] = &d[0][4];
dLen[0] += 4;
o[0] = &o[0][6];
oLen[0] -= 6;
return 4;
}
o[0] = &o[0][1];
--oLen[0];
return 0;
}
/*
** utf8.validate(s [, allowLongNulls [, allowSurrogates]]) -->
** valid UTF-8 string +
** boolean which indicates if source string had valid
** characters only.
*/
static int utf8_validate (lua_State *L) {
size_t len;
const char *s = luaL_checklstring(L, 1, &len);
int bLongNuls = lua_toboolean(L, 2);
int bSurrogates = lua_toboolean(L, 3);
luaL_Buffer b;
char *p = luaL_buffinitsize(L, &b, len);
size_t bufLen;
int bResult;
for ( bResult = !0, bufLen = 0; 0 < len; ) {
if ( 0 == recode(&p, &bufLen, &s, &len, bLongNuls, bSurrogates) ) {
bResult = 0;
break;
}
}
while ( 0 < len ) {
recode(&p, &bufLen, &s, &len, bLongNuls, bSurrogates);
}
luaL_pushresultsize(&b, bufLen);
lua_pushboolean(L, bResult);
return 2;
}
/* CHN END */
/* from strlib */
/* translate a relative string position: negative means back from end */
static lua_Integer u_posrelat (lua_Integer pos, size_t len) {
if (pos >= 0) return pos;
else if (0u - (size_t)pos > len) return 0;
else return (lua_Integer)len + pos + 1;
}
/*
** Decode one UTF-8 sequence, returning NULL if byte sequence is invalid.
*/
static const char *utf8_decode (const char *o, int *val) {
static const unsigned int limits[] = {0xFF, 0x7F, 0x7FF, 0xFFFF};
const unsigned char *s = (const unsigned char *)o;
unsigned int c = s[0];
unsigned int res = 0; /* final result */
if (c < 0x80) /* ascii? */
res = c;
else {
int count = 0; /* to count number of continuation bytes */
while (c & 0x40) { /* still have continuation bytes? */
int cc = s[++count]; /* read next byte */
if ((cc & 0xC0) != 0x80) /* not a continuation byte? */
return NULL; /* invalid byte sequence */
res = (res << 6) | (cc & 0x3F); /* add lower 6 bits from cont. byte */
c <<= 1; /* to test next bit */
}
res |= ((c & 0x7F) << (count * 5)); /* add first byte */
if (count > 3 || res > MAXUNICODE || res <= limits[count])
return NULL; /* invalid byte sequence */
s += count; /* skip continuation bytes read */
}
if (val) *val = res;
return (const char *)s + 1; /* +1 to include first byte */
}
/*
** utf8len(s [, i [, j]]) --> number of characters that start in the
** range [i,j], or nil + current position if 's' is not well formed in
** that interval
*/
static int utflen (lua_State *L) {
int n = 0;
size_t len;
const char *s = luaL_checklstring(L, 1, &len);
lua_Integer posi = u_posrelat(luaL_optinteger(L, 2, 1), len);
lua_Integer posj = u_posrelat(luaL_optinteger(L, 3, -1), len);
luaL_argcheck(L, 1 <= posi && --posi <= (lua_Integer)len, 2,
"initial position out of string");
luaL_argcheck(L, --posj < (lua_Integer)len, 3,
"final position out of string");
while (posi <= posj) {
const char *s1 = utf8_decode(s + posi, NULL);
if (s1 == NULL) { /* conversion error? */
lua_pushnil(L); /* return nil ... */
lua_pushinteger(L, posi + 1); /* ... and current position */
return 2;
}
posi = s1 - s;
n++;
}
lua_pushinteger(L, n);
return 1;
}
/*
** codepoint(s, [i, [j]]) -> returns codepoints for all characters
** that start in the range [i,j]
*/
static int codepoint (lua_State *L) {
size_t len;
const char *s = luaL_checklstring(L, 1, &len);
lua_Integer posi = u_posrelat(luaL_optinteger(L, 2, 1), len);
lua_Integer pose = u_posrelat(luaL_optinteger(L, 3, posi), len);
int n;
const char *se;
luaL_argcheck(L, posi >= 1, 2, "out of range");
luaL_argcheck(L, pose <= (lua_Integer)len, 3, "out of range");
if (posi > pose) return 0; /* empty interval; return no values */
if (pose - posi >= INT_MAX) /* (lua_Integer -> int) overflow? */
return luaL_error(L, "string slice too long");
n = (int)(pose - posi) + 1;
luaL_checkstack(L, n, "string slice too long");
n = 0;
se = s + pose;
for (s += posi - 1; s < se;) {
int code;
s = utf8_decode(s, &code);
if (s == NULL)
return luaL_error(L, "invalid UTF-8 code");
lua_pushinteger(L, code);
n++;
}
return n;
}
static void pushutfchar (lua_State *L, int arg) {
lua_Integer code = luaL_checkinteger(L, arg);
luaL_argcheck(L, 0 <= code && code <= MAXUNICODE, arg, "value out of range");
lua_pushfstring(L, "%U", (long)code);
}
/*
** utfchar(n1, n2, ...) -> char(n1)..char(n2)...
*/
static int utfchar (lua_State *L) {
int n = lua_gettop(L); /* number of arguments */
if (n == 1) /* optimize common case of single char */
pushutfchar(L, 1);
else {
int i;
luaL_Buffer b;
luaL_buffinit(L, &b);
for (i = 1; i <= n; i++) {
pushutfchar(L, i);
luaL_addvalue(&b);
}
luaL_pushresult(&b);
}
return 1;
}
/*
** offset(s, n, [i]) -> index where n-th character counting from
** position 'i' starts; 0 means character at 'i'.
*/
static int byteoffset (lua_State *L) {
size_t len;
const char *s = luaL_checklstring(L, 1, &len);
lua_Integer n = luaL_checkinteger(L, 2);
lua_Integer posi = (n >= 0) ? 1 : len + 1;
posi = u_posrelat(luaL_optinteger(L, 3, posi), len);
luaL_argcheck(L, 1 <= posi && --posi <= (lua_Integer)len, 3,
"position out of range");
if (n == 0) {
/* find beginning of current byte sequence */
while (posi > 0 && iscont(s + posi)) posi--;
}
else {
if (iscont(s + posi))
luaL_error(L, "initial position is a continuation byte");
if (n < 0) {
while (n < 0 && posi > 0) { /* move back */
do { /* find beginning of previous character */
posi--;
} while (posi > 0 && iscont(s + posi));
n++;
}
}
else {
n--; /* do not move for 1st character */
while (n > 0 && posi < (lua_Integer)len) {
do { /* find beginning of next character */
posi++;
} while (iscont(s + posi)); /* (cannot pass final '\0') */
n--;
}
}
}
if (n == 0) /* did it find given character? */
lua_pushinteger(L, posi + 1);
else /* no such character */
lua_pushnil(L);
return 1;
}
static int iter_aux (lua_State *L) {
size_t len;
const char *s = luaL_checklstring(L, 1, &len);
lua_Integer n = lua_tointeger(L, 2) - 1;
if (n < 0) /* first iteration? */
n = 0; /* start from here */
else if (n < (lua_Integer)len) {
n++; /* skip current byte */
while (iscont(s + n)) n++; /* and its continuations */
}
if (n >= (lua_Integer)len)
return 0; /* no more codepoints */
else {
int code;
const char *next = utf8_decode(s + n, &code);
if (next == NULL || iscont(next))
return luaL_error(L, "invalid UTF-8 code");
lua_pushinteger(L, n + 1);
lua_pushinteger(L, code);
return 2;
}
}
static int iter_codes (lua_State *L) {
luaL_checkstring(L, 1);
lua_pushcfunction(L, iter_aux);
lua_pushvalue(L, 1);
lua_pushinteger(L, 0);
return 3;
}
/* pattern to match a single UTF-8 character */
#define UTF8PATT "[\0-\x7F\xC2-\xF4][\x80-\xBF]*"
static const luaL_Reg funcs[] = {
{"offset", byteoffset},
{"codepoint", codepoint},
{"char", utfchar},
{"len", utflen},
{"codes", iter_codes},
/* CHN BEGIN */
{"validate", utf8_validate},
/* CHN END */
/* placeholders */
{"charpattern", NULL},
{NULL, NULL}
};
LUAMOD_API int luaopen_utf8 (lua_State *L) {
luaL_newlib(L, funcs);
lua_pushlstring(L, UTF8PATT, sizeof(UTF8PATT)/sizeof(char) - 1);
lua_setfield(L, -2, "charpattern");
return 1;
}
