1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *  * Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  *  * Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in
12  *    the documentation and/or other materials provided with the
13  *    distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
16  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
17  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
18  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
19  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
20  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
21  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
22  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
23  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
25  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  */
28 
29 #include <errno.h>
30 #include <sys/param.h>
31 #include <uchar.h>
32 #include <wchar.h>
33 
34 #include "private/bionic_mbstate.h"
35 
mbrtoc32(char32_t * pc32,const char * s,size_t n,mbstate_t * ps)36 size_t mbrtoc32(char32_t* pc32, const char* s, size_t n, mbstate_t* ps) {
37   static mbstate_t __private_state;
38   mbstate_t* state = (ps == NULL) ? &__private_state : ps;
39 
40   // We should never get to a state which has all 4 bytes of the sequence set.
41   // Full state verification is done when decoding the sequence (after we have
42   // all the bytes).
43   if (mbstate_get_byte(state, 3) != 0) {
44     return reset_and_return_illegal(EINVAL, state);
45   }
46 
47   if (s == NULL) {
48     s = "";
49     n = 1;
50     pc32 = NULL;
51   }
52 
53   if (n == 0) {
54     return 0;
55   }
56 
57   uint8_t ch;
58   if (mbsinit(state) && (((ch = static_cast<uint8_t>(*s)) & ~0x7f) == 0)) {
59     // Fast path for plain ASCII characters.
60     if (pc32 != NULL) {
61       *pc32 = ch;
62     }
63     return (ch != '\0' ? 1 : 0);
64   }
65 
66   // Determine the number of octets that make up this character
67   // from the first octet, and a mask that extracts the
68   // interesting bits of the first octet. We already know
69   // the character is at least two bytes long.
70   size_t length;
71   int mask;
72 
73   // We also specify a lower bound for the character code to
74   // detect redundant, non-"shortest form" encodings. For
75   // example, the sequence C0 80 is _not_ a legal representation
76   // of the null character. This enforces a 1-to-1 mapping
77   // between character codes and their multibyte representations.
78   char32_t lower_bound;
79 
80   // The first byte in the state (if any) tells the length.
81   size_t bytes_so_far = mbstate_bytes_so_far(state);
82   ch = bytes_so_far > 0 ? mbstate_get_byte(state, 0) : static_cast<uint8_t>(*s);
83   if ((ch & 0x80) == 0) {
84     mask = 0x7f;
85     length = 1;
86     lower_bound = 0;
87   } else if ((ch & 0xe0) == 0xc0) {
88     mask = 0x1f;
89     length = 2;
90     lower_bound = 0x80;
91   } else if ((ch & 0xf0) == 0xe0) {
92     mask = 0x0f;
93     length = 3;
94     lower_bound = 0x800;
95   } else if ((ch & 0xf8) == 0xf0) {
96     mask = 0x07;
97     length = 4;
98     lower_bound = 0x10000;
99   } else {
100     // Malformed input; input is not UTF-8. See RFC 3629.
101     return reset_and_return_illegal(EILSEQ, state);
102   }
103 
104   // Fill in the state.
105   size_t bytes_wanted = length - bytes_so_far;
106   size_t i;
107   for (i = 0; i < MIN(bytes_wanted, n); i++) {
108     if (!mbsinit(state) && ((*s & 0xc0) != 0x80)) {
109       // Malformed input; bad characters in the middle of a character.
110       return reset_and_return_illegal(EILSEQ, state);
111     }
112     mbstate_set_byte(state, bytes_so_far + i, *s++);
113   }
114   if (i < bytes_wanted) {
115     return __MB_ERR_INCOMPLETE_SEQUENCE;
116   }
117 
118   // Decode the octet sequence representing the character in chunks
119   // of 6 bits, most significant first.
120   char32_t c32 = mbstate_get_byte(state, 0) & mask;
121   for (i = 1; i < length; i++) {
122     c32 <<= 6;
123     c32 |= mbstate_get_byte(state, i) & 0x3f;
124   }
125 
126   if (c32 < lower_bound) {
127     // Malformed input; redundant encoding.
128     return reset_and_return_illegal(EILSEQ, state);
129   }
130   if ((c32 >= 0xd800 && c32 <= 0xdfff) || c32 == 0xfffe || c32 == 0xffff) {
131     // Malformed input; invalid code points.
132     return reset_and_return_illegal(EILSEQ, state);
133   }
134   if (pc32 != NULL) {
135     *pc32 = c32;
136   }
137   return reset_and_return(c32 == U'\0' ? 0 : bytes_wanted, state);
138 }
139