This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PING][PATCH][BZ #14134] Fix iconv segfault while converting fromIBM-930
- From: Siddhesh Poyarekar <siddhesh at redhat dot com>
- To: libc-alpha at sourceware dot org
- Date: Fri, 1 Jun 2012 08:04:07 +0530
- Subject: [PING][PATCH][BZ #14134] Fix iconv segfault while converting fromIBM-930
- References: <20120523072951.05c5a66f@spoyarek>
ping?
On Wed, 23 May 2012 07:29:51 +0530, Siddhesh wrote:
> Hi,
>
> When converting IBM930 code with iconv(), if IBM930 code which
> includes invalid multibyte character "0xffff" is specified, then
> iconv() segfaults. This is easy to see using the following command:
>
> echo '0x0e 0x43 0x8c 0xff 0xff 0x43 0xbd 0x43 0xbd' | xxd -r |
> iconv -f IBM930 -t UTF-8
>
> The crash seems to happen when looking up the offset for the
> character into the conversion table, since the conversion tables are
> delimited by {0xffff, 0xffff, 0} at the end. I've added an additional
> check for invalid character in this patch, which is to check if the
> matched entry is the one above. I have made an analogous change to the
> conversion-to-ibm930 section of the code since it makes sense
> logically, even though I don't have a reproducer to induce a crash
> the other way around.
>
> I have verified that there are no regressions in the testsuite as a
> result of this patch.
>
> Regards,
> Siddhesh
>
> ChangeLog:
>
> 2012-05-23 Siddhesh Poyarekar <siddhesh@redhat.com>
>
> * iconvdata/ibm930.c (BODY): Check for invalid character
> 0xffff that matches the last element of the conversion table.