[go] time: capture the non-ASCII rune(65533) in quote() to prevent panic

25 views
Skip to first unread message

Emmanuel Odeke (Gerrit)

unread,
Jun 23, 2021, 11:20:44 PM6/23/21
to Andy Pan, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Ian Lance Taylor, Go Bot, Kevin Burke, Martin Möhrmann, golang-co...@googlegroups.com

Emmanuel Odeke submitted this change.

View Change

Approvals: Ian Lance Taylor: Looks good to me, approved; Run TryBots Kevin Burke: Looks good to me, but someone else must approve Emmanuel Odeke: Trusted Go Bot: TryBots succeeded 
time: handle invalid UTF-8 byte sequences in quote to prevent panic

Fixes #46883
Updates CL 267017

Change-Id: I15c307bfb0aaa2877a148d32527681f79df1a650
Reviewed-on: https://go-review.googlesource.com/c/go/+/330289
Reviewed-by: Kevin Burke <k...@inburke.com>
Reviewed-by: Ian Lance Taylor <ia...@golang.org>
Run-TryBot: Ian Lance Taylor <ia...@golang.org>
TryBot-Result: Go Bot <go...@golang.org>
Trust: Emmanuel Odeke <emma...@orijtech.com>
---
M src/time/format.go
M src/time/time_test.go
2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/src/time/format.go b/src/time/format.go
index 6040ed5..bb173a2 100644
--- a/src/time/format.go
+++ b/src/time/format.go
@@ -751,8 +751,11 @@
 
 // These are borrowed from unicode/utf8 and strconv and replicate behavior in
 // that package, since we can't take a dependency on either.
-const runeSelf = 0x80
-const lowerhex = "0123456789abcdef"
+const (
+	lowerhex  = "0123456789abcdef"
+	runeSelf  = 0x80
+	runeError = '\uFFFD'
+)
 
 func quote(s string) string {
 	buf := make([]byte, 1, len(s)+2) // slice will be at least len(s) + quotes
@@ -765,7 +768,16 @@
 			// reproduce strconv.Quote's behavior with full fidelity but
 			// given how rarely we expect to hit these edge cases, speed and
 			// conciseness are better.
-			for j := 0; j < len(string(c)) && j < len(s); j++ {
+			var width int
+			if c == runeError {
+				width = 1
+				if i+2 < len(s) && s[i:i+3] == string(runeError) {
+					width = 3
+				}
+			} else {
+				width = len(string(c))
+			}
+			for j := 0; j < width; j++ {
 				buf = append(buf, `\x`...)
 				buf = append(buf, lowerhex[s[i+j]>>4])
 				buf = append(buf, lowerhex[s[i+j]&0xF])
diff --git a/src/time/time_test.go b/src/time/time_test.go
index f272bbd..cea5f2d 100644
--- a/src/time/time_test.go
+++ b/src/time/time_test.go
@@ -917,6 +917,11 @@
 	{".s", `".s"`},
 	{"+.s", `"+.s"`},
 	{"1d", `"1d"`},
+	{"\x85\x85", `"\x85\x85"`},
+	{"\xffff", `"\xffff"`},
+	{"hello \xffff world", `"hello \xffff world"`},
+	{"\uFFFD", `"\xef\xbf\xbd"`},                                             // utf8.RuneError
+	{"\uFFFD hello \uFFFD world", `"\xef\xbf\xbd hello \xef\xbf\xbd world"`}, // utf8.RuneError
 	// overflow
 	{"9223372036854775810ns", `"9223372036854775810ns"`},
 	{"9223372036854775808ns", `"9223372036854775808ns"`},

To view, visit change 330289. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: go
Gerrit-Branch: master
Gerrit-Change-Id: I15c307bfb0aaa2877a148d32527681f79df1a650
Gerrit-Change-Number: 330289
Gerrit-PatchSet: 10
Gerrit-Owner: Andy Pan <panj...@gmail.com>
Gerrit-Reviewer: Emmanuel Odeke <emma...@orijtech.com>
Gerrit-Reviewer: Go Bot <go...@golang.org>
Gerrit-Reviewer: Ian Lance Taylor <ia...@golang.org>
Gerrit-Reviewer: Kevin Burke <k...@inburke.com>
Gerrit-CC: Martin Möhrmann <mart...@uos.de>
Gerrit-MessageType: merged
Reply all
Reply to author
Forward
0 new messages