From: Philip Jenvey <pjenvey@underboss.org>
Date: Sat, 27 Oct 2012 00:01:53 +0000 (-0700)
Subject: bounds check for bad data (thanks amaury)
X-Git-Tag: v3.2.4rc1~412
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=45c41494bf4992d6c2a0bd1fca3d0dff164ec4ba;p=thirdparty%2FPython%2Fcpython.git

bounds check for bad data (thanks amaury)
---

diff --git a/Lib/test/test_codecs.py b/Lib/test/test_codecs.py
index f342d88b9f6a..42d0da3e703b 100644
--- a/Lib/test/test_codecs.py
+++ b/Lib/test/test_codecs.py
@@ -645,6 +645,8 @@ class UTF8Test(ReadTest):
         self.assertEqual(b"abc\xed\xa0\x80def".decode("utf-8", "surrogatepass"),
                          "abc\ud800def")
         self.assertTrue(codecs.lookup_error("surrogatepass"))
+        with self.assertRaises(UnicodeDecodeError):
+            b"abc\xed\xa0".decode("utf-8", "surrogatepass")
 
 class UTF7Test(ReadTest):
     encoding = "utf-7"
diff --git a/Python/codecs.c b/Python/codecs.c
index c7f4a9cbc1a4..90f1cf6ad0fc 100644
--- a/Python/codecs.c
+++ b/Python/codecs.c
@@ -821,9 +821,10 @@ PyCodec_SurrogatePassErrors(PyObject *exc)
         /* Try decoding a single surrogate character. If
            there are more, let the codec call us again. */
         p += start;
-        if ((p[0] & 0xf0) == 0xe0 ||
-            (p[1] & 0xc0) == 0x80 ||
-            (p[2] & 0xc0) == 0x80) {
+        if (strlen(p) > 2 &&
+            ((p[0] & 0xf0) == 0xe0 ||
+             (p[1] & 0xc0) == 0x80 ||
+             (p[2] & 0xc0) == 0x80)) {
             /* it's a three-byte code */
             ch = ((p[0] & 0x0f) << 12) + ((p[1] & 0x3f) << 6) + (p[2] & 0x3f);
             if (ch < 0xd800 || ch > 0xdfff)