LazUTF8 function UTF8FixBroken Endless loop
Original Reporter info from Mantis: datiscum @datiscum
- Reporter name: Michel
Description:
p = #195 -- I hope the debugger gave me the right values.
p[1] = #195 -- I hope the debugger gave me the right values.
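But I think you can see that if p is not incremented, there is an infinite loop. In the listing below, the 2-byte branch neither writes to p^ nor advances p when p[1] is #0, so a %110 lead byte at the very end of the string is one input on which the while loop never terminates. Since this routine exists to clean up broken UTF-8, such malformed input is exactly what it is expected to receive.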
{ fix any broken UTF8 sequences with spaces }
procedure UTF8FixBroken(P: PChar);
var
c: cardinal;
begin
if p=nil then exit;
while p^<>#0 do begin
if ord(p^)<%10000000 then begin
// regular single byte character
inc(p);
end
else if ord(p^)<%11000000 then begin
// invalid
p^:=' ';
inc(p);
end
else if ((ord(p^) and %11100000) = %11000000) then begin
// starts with %110 => should be 2 byte character
if ((ord(p[1]) and %11000000) = %10000000) then begin
c:=((ord(p^) and %00011111) shl 6);
//or (ord(p[1]) and %00111111);
if c<(1 shl 7) then
p^:=' ' // fix XSS attack
else
inc(p,2)
end
else if p[1]<>#0 then <-- p is not incremented anywhere from here on, so control returns to the while and repeats endlessly.
p^:=' ';
end