Project

General

Profile

Actions

Backport #5635

closed

String#unpack("M") の不正データ時の振る舞い

Added by tommy (Masahiro Tomita) almost 13 years ago. Updated about 12 years ago.

Status:
Closed
[ruby-dev:44875]

Description

String#unpack("M") で "=hoge" みたいな不正なデータがあった場合、現在は
そこで処理を中断してしまっていますが、それ以降のデータをすべて捨ててし
まうのはかわいそうなので、ポインタを一つ進めて処理を継続した方がいいん
じゃないかと思うのですがどうでしょうか。

RFC2045 には次のような記述があります。

(2)   An "=" followed by a character that is neither a
      hexadecimal digit (including "abcdef") nor the CR
      character of a CRLF pair is illegal.  This case can be
      the result of US-ASCII text having been included in a
      quoted-printable part of a message without itself
      having been subjected to quoted-printable encoding.  A
      reasonable approach by a robust implementation might be
      to include the "=" character and the following
      character in the decoded data without any
      transformation and, if possible, indicate to the user
      that proper decoding was not possible at this point in
      the data.

Index: pack.c

--- pack.c (リビジョン 33758)
+++ pack.c (作業コピー)
@@ -2008,20 +2008,23 @@

	while (s < send) {
	    if (*s == '=') {
  •   	if (++s == send) break;
    
  •                   if (s+1 < send && *s == '\r' && *(s+1) == '\n')
    
  •                     s++;
    
  •   	if (*s != '\n') {
    
  •   	    if ((c1 = hex2num(*s)) == -1) break;
    
  •   	    if (++s == send) break;
    
  •   	    if ((c2 = hex2num(*s)) == -1) break;
    
  •   	    *ptr++ = c1 << 4 | c2;
    
  •   	if (s+1 < send && *(s+1) == '\n') {
    
  •   	    s += 2;
    
  •   	    continue;
    
  •   	}
    
  •   	if (s+2 < send) {
    
  •   	    if (*(s+1) == '\r' && *(s+2) == '\n') {
    
  •   		s += 3;
    
  •   		continue;
    
  •   	    }
    
  •   	    if ((c1 = hex2num(*(s+1))) > -1 && (c2 = hex2num(*(s+2))) > -1) {
    
  •   		*ptr++ = c1 << 4 | c2;
    
  •   		s += 3;
    
  •   		continue;
    
  •   	    }
      	}
          }
    
  •       else {
    
  •   	*ptr++ = *s;
    
  •       }
    
  •       s++;
    
  •       *ptr++ = *s++;
      }
      rb_str_set_len(buf, ptr - RSTRING_PTR(buf));
      ENCODING_CODERANGE_SET(buf, rb_ascii8bit_encindex(), ENC_CODERANGE_VALID);
    

Index: test/ruby/test_pack.rb

--- test/ruby/test_pack.rb (リビジョン 33758)
+++ test/ruby/test_pack.rb (作業コピー)
@@ -612,6 +612,17 @@
assert_equal([0x100000000], "\220\200\200\200\000".unpack("w"), [0x100000000])
end

  • def test_pack_unpack_M
  • assert_equal(["pre123after"], "pre=31=32=33after".unpack("M"))
  • assert_equal(["preafter"], "pre=\nafter".unpack("M"))
  • assert_equal(["preafter"], "pre=\r\nafter".unpack("M"))
  • assert_equal(["pre="], "pre=".unpack("M"))
  • assert_equal(["pre=\r"], "pre=\r".unpack("M"))
  • assert_equal(["pre=hoge"], "pre=hoge".unpack("M"))
  • assert_equal(["pre=1after"], "pre==31after".unpack("M"))
  • assert_equal(["pre==1after"], "pre===31after".unpack("M"))
  • end
  • def test_modify_under_safe4
    s = "foo"
    assert_raise(SecurityError) do

Updated by naruse (Yui NARUSE) almost 13 years ago

うーん、RFCに変換せずにそのままくっつけとけとあるのでしたらその通りにした方がいいように思うのですが

Updated by tommy (Masahiro Tomita) almost 13 years ago

あれ? 不正なデータについては、そのままにしてるつもりなのですが。
少なくとも今の不正なデータ以降全部削ってしまう動きよりはいいんじゃないかと…。

Updated by naruse (Yui NARUSE) almost 13 years ago

わたしには処理を継続しないと読めるんですがどうなんでしょう。
まぁ、RFCよりもこの手の通信系は長いものに巻かれるのが正しい気もするので、他の実装の例でも。

Updated by tommy (Masahiro Tomita) almost 13 years ago

あ~、なるほど、不正なデータに遭遇したら、それ以降のデータは一切変換するな…と。
確かにそっちの方がいいような気がします。

Updated by ko1 (Koichi Sasada) over 12 years ago

  • Assignee set to naruse (Yui NARUSE)
Actions #6

Updated by naruse (Yui NARUSE) over 12 years ago

  • Status changed from Open to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r34972.
Masahiro, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • pack.c (pack_unpack): when unpack('M') occurs an illegal byte
    sequence, output the "=" character and the following character in
    the decoded data without any transformation.
    [ruby-dev:44875] [Bug #5635]
Actions #7

Updated by naruse (Yui NARUSE) about 12 years ago

  • Tracker changed from Bug to Backport
  • Project changed from Ruby master to Backport193
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0