/* * Copyright 2015 Matthew Dillon (mbintowcr, wcrtombin) * Copyright 2013 Garrett D'Amore * Copyright 2011 Nexenta Systems, Inc. All rights reserved. * Copyright (c) 2002-2004 Tim J. Robbins * All rights reserved. * * Copyright (c) 2011 The FreeBSD Foundation * All rights reserved. * Portions of this software were developed by David Chisnall * under sponsorship from the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* * WCSBIN_EOF - Indicate EOF on input buffer. * * WCSBIN_SURRO - Pass-through surrogate space (typically if the UTF-8 * has already been escaped), on bytes-to-wchars and * wchars-to-bytes. Escaping of other illegal codes will * still occur on input but de-escaping will not occur * on output (they will remain in the surrogate space). * * WCSBIN_LONGCODES - Allow 4-byte >= 0x10FFFF, 5-byte and 6-byte sequences * (normally illegal), otherwise escape it on input * and fail on output. * * WCSBIN_STRICT - Allow byte-to-wide conversions to fail. */ #include #include #include #include #include #include #include #include "mblocal.h" static size_t _UTF8_mbrtowc(wchar_t * __restrict, const char * __restrict, size_t, mbstate_t * __restrict); static int _UTF8_mbsinit(const mbstate_t *); static size_t _UTF8_mbsnrtowcs(wchar_t * __restrict, const char ** __restrict, size_t, size_t, mbstate_t * __restrict); static size_t _UTF8_wcrtomb(char * __restrict, wchar_t, mbstate_t * __restrict); static size_t _UTF8_wcsnrtombs(char * __restrict, const wchar_t ** __restrict, size_t, size_t, mbstate_t * __restrict); static size_t _UTF8_mbintowcr(wchar_t * __restrict dst, const char * __restrict src, size_t dlen, size_t *slen, int flags); static size_t _UTF8_wcrtombin(char * __restrict dst, const wchar_t * __restrict src, size_t dlen, size_t *slen, int flags); typedef struct { wchar_t ch; int want; wchar_t lbound; } _UTF8State; int _UTF8_init(struct xlocale_ctype *l, _RuneLocale *rl) { l->__mbrtowc = _UTF8_mbrtowc; l->__wcrtomb = _UTF8_wcrtomb; l->__mbsinit = _UTF8_mbsinit; l->__mbsnrtowcs = _UTF8_mbsnrtowcs; l->__wcsnrtombs = _UTF8_wcsnrtombs; l->__mbintowcr = _UTF8_mbintowcr; l->__wcrtombin = _UTF8_wcrtombin; l->runes = rl; l->__mb_cur_max = 4; /* * UCS-4 encoding used as the internal representation, so * slots 0x0080-0x00FF are occuped and must be excluded * from the single byte ctype by setting the limit. */ l->__mb_sb_limit = 128; return (0); } static int _UTF8_mbsinit(const mbstate_t *ps) { return (ps == NULL || ((const _UTF8State *)ps)->want == 0); } static size_t _UTF8_mbrtowc(wchar_t * __restrict pwc, const char * __restrict s, size_t n, mbstate_t * __restrict ps) { _UTF8State *us; int ch, i, mask, want; wchar_t lbound, wch; us = (_UTF8State *)ps; if (us->want < 0 || us->want > 4) { errno = EINVAL; return ((size_t)-1); } if (s == NULL) { s = ""; n = 1; pwc = NULL; } if (n == 0) /* Incomplete multibyte sequence */ return ((size_t)-2); if (us->want == 0) { /* * Determine the number of octets that make up this character * from the first octet, and a mask that extracts the * interesting bits of the first octet. We already know * the character is at least two bytes long. * * We also specify a lower bound for the character code to * detect redundant, non-"shortest form" encodings. For * example, the sequence C0 80 is _not_ a legal representation * of the null character. This enforces a 1-to-1 mapping * between character codes and their multibyte representations. */ ch = (unsigned char)*s; if ((ch & 0x80) == 0) { /* Fast path for plain ASCII characters. */ if (pwc != NULL) *pwc = ch; return (ch != '\0' ? 1 : 0); } if ((ch & 0xe0) == 0xc0) { mask = 0x1f; want = 2; lbound = 0x80; } else if ((ch & 0xf0) == 0xe0) { mask = 0x0f; want = 3; lbound = 0x800; } else if ((ch & 0xf8) == 0xf0) { mask = 0x07; want = 4; lbound = 0x10000; } else { /* * Malformed input; input is not UTF-8. */ errno = EILSEQ; return ((size_t)-1); } } else { want = us->want; lbound = us->lbound; } /* * Decode the octet sequence representing the character in chunks * of 6 bits, most significant first. */ if (us->want == 0) wch = (unsigned char)*s++ & mask; else wch = us->ch; for (i = (us->want == 0) ? 1 : 0; i < MIN(want, n); i++) { if ((*s & 0xc0) != 0x80) { /* * Malformed input; bad characters in the middle * of a character. */ errno = EILSEQ; return ((size_t)-1); } wch <<= 6; wch |= *s++ & 0x3f; } if (i < want) { /* Incomplete multibyte sequence. */ us->want = want - i; us->lbound = lbound; us->ch = wch; return ((size_t)-2); } if (wch < lbound || wch > 0x10ffff) { /* * Malformed input; redundant encoding or illegal * code sequence. */ errno = EILSEQ; return ((size_t)-1); } if (pwc != NULL) *pwc = wch; us->want = 0; return (wch == L'\0' ? 0 : want); } static size_t _UTF8_mbsnrtowcs(wchar_t * __restrict dst, const char ** __restrict src, size_t nms, size_t len, mbstate_t * __restrict ps) { _UTF8State *us; const char *s; size_t nchr; wchar_t wc; size_t nb; us = (_UTF8State *)ps; s = *src; nchr = 0; if (dst == NULL) { /* * The fast path in the loop below is not safe if an ASCII * character appears as anything but the first byte of a * multibyte sequence. Check now to avoid doing it in the loop. */ if (nms > 0 && us->want > 0 && (signed char)*s > 0) { errno = EILSEQ; return ((size_t)-1); } for (;;) { if (nms > 0 && (signed char)*s > 0) /* * Fast path for plain ASCII characters * excluding NUL. */ nb = 1; else if ((nb = _UTF8_mbrtowc(&wc, s, nms, ps)) == (size_t)-1) /* Invalid sequence - mbrtowc() sets errno. */ return ((size_t)-1); else if (nb == 0 || nb == (size_t)-2) return (nchr); s += nb; nms -= nb; nchr++; } /*NOTREACHED*/ } /* * The fast path in the loop below is not safe if an ASCII * character appears as anything but the first byte of a * multibyte sequence. Check now to avoid doing it in the loop. */ if (nms > 0 && len > 0 && us->want > 0 && (signed char)*s > 0) { errno = EILSEQ; return ((size_t)-1); } while (len-- > 0) { if (nms > 0 && (signed char)*s > 0) { /* * Fast path for plain ASCII characters * excluding NUL. */ *dst = (wchar_t)*s; nb = 1; } else if ((nb = _UTF8_mbrtowc(dst, s, nms, ps)) == (size_t)-1) { *src = s; return ((size_t)-1); } else if (nb == (size_t)-2) { *src = s + nms; return (nchr); } else if (nb == 0) { *src = NULL; return (nchr); } s += nb; nms -= nb; nchr++; dst++; } *src = s; return (nchr); } static size_t _UTF8_wcrtomb(char * __restrict s, wchar_t wc, mbstate_t * __restrict ps) { _UTF8State *us; unsigned char lead; int i, len; us = (_UTF8State *)ps; if (us->want != 0) { errno = EINVAL; return ((size_t)-1); } if (s == NULL) /* Reset to initial shift state (no-op) */ return (1); /* * Determine the number of octets needed to represent this character. * We always output the shortest sequence possible. Also specify the * first few bits of the first octet, which contains the information * about the sequence length. */ if ((wc & ~0x7f) == 0) { /* Fast path for plain ASCII characters. */ *s = (char)wc; return (1); } else if ((wc & ~0x7ff) == 0) { lead = 0xc0; len = 2; } else if ((wc & ~0xffff) == 0) { lead = 0xe0; len = 3; } else if (wc <= 0x10ffff) { lead = 0xf0; len = 4; } else { errno = EILSEQ; return ((size_t)-1); } /* * Output the octets representing the character in chunks * of 6 bits, least significant last. The first octet is * a special case because it contains the sequence length * information. */ for (i = len - 1; i > 0; i--) { s[i] = (wc & 0x3f) | 0x80; wc >>= 6; } *s = (wc & 0xff) | lead; return (len); } static size_t _UTF8_wcsnrtombs(char * __restrict dst, const wchar_t ** __restrict src, size_t nwc, size_t len, mbstate_t * __restrict ps) { _UTF8State *us; char buf[MB_LEN_MAX]; const wchar_t *s; size_t nbytes; size_t nb; us = (_UTF8State *)ps; if (us->want != 0) { errno = EINVAL; return ((size_t)-1); } s = *src; nbytes = 0; if (dst == NULL) { while (nwc-- > 0) { if (0 <= *s && *s < 0x80) /* Fast path for plain ASCII characters. */ nb = 1; else if ((nb = _UTF8_wcrtomb(buf, *s, ps)) == (size_t)-1) /* Invalid character - wcrtomb() sets errno. */ return ((size_t)-1); if (*s == L'\0') return (nbytes + nb - 1); s++; nbytes += nb; } return (nbytes); } while (len > 0 && nwc-- > 0) { if (0 <= *s && *s < 0x80) { /* Fast path for plain ASCII characters. */ nb = 1; *dst = *s; } else if (len > (size_t)MB_CUR_MAX) { /* Enough space to translate in-place. */ if ((nb = _UTF8_wcrtomb(dst, *s, ps)) == (size_t)-1) { *src = s; return ((size_t)-1); } } else { /* * May not be enough space; use temp. buffer. */ if ((nb = _UTF8_wcrtomb(buf, *s, ps)) == (size_t)-1) { *src = s; return ((size_t)-1); } if (nb > (int)len) /* MB sequence for character won't fit. */ break; (void) memcpy(dst, buf, nb); } if (*s == L'\0') { *src = NULL; return (nbytes + nb - 1); } s++; dst += nb; len -= nb; nbytes += nb; } *src = s; return (nbytes); } /* * Clean binary to wchar buffer conversions. This is basically like a normal * buffer conversion but with a sane argument API and escaping. See none.c * for a more complete description. */ static size_t _UTF8_mbintowcr(wchar_t * __restrict dst, const char * __restrict src, size_t dlen, size_t *slen, int flags) { size_t i; size_t j; size_t k; size_t n = *slen; int ch, mask, want; wchar_t lbound, wch; for (i = j = 0; i < n; ++i) { if (j == dlen) break; ch = (unsigned char)src[i]; if ((ch & 0x80) == 0) { /* Fast path for plain ASCII characters. */ if (dst) dst[j] = ch; ++j; continue; } if ((ch & 0xe0) == 0xc0) { mask = 0x1f; want = 2; lbound = 0x80; } else if ((ch & 0xf0) == 0xe0) { mask = 0x0f; want = 3; lbound = 0x800; } else if ((ch & 0xf8) == 0xf0) { mask = 0x07; want = 4; lbound = 0x10000; } else if ((ch & 0xfc) == 0xf8) { /* normally illegal, handled down below */ mask = 0x03; want = 5; lbound = 0x200000; } else if ((ch & 0xfe) == 0xfc) { /* normally illegal, handled down below */ mask = 0x01; want = 6; lbound = 0x4000000; } else { /* * Malformed input; input is not UTF-8, escape * with UTF-8B. */ if (flags & WCSBIN_STRICT) { if (i == 0) { errno = EILSEQ; return ((size_t)-1); } break; } if (dst) dst[j] = 0xDC00 | ch; ++j; continue; } /* * Construct wchar_t from multibyte sequence. */ wch = ch & mask; for (k = 1; k < want; ++k) { /* * Stop if not enough input (don't do this early * so we can detect illegal characters as they occur * in the stream). * * If termination is requested force-escape all chars. */ if (i + k >= n) { if (flags & WCSBIN_EOF) { want = n - i; goto forceesc; } goto breakout; } ch = src[i+k]; if ((ch & 0xc0) != 0x80) { /* * Malformed input, bad characters in the * middle of a multibyte sequence. Escape * with UTF-8B. */ if (flags & WCSBIN_STRICT) { if (i == 0) { errno = EILSEQ; return ((size_t)-1); } goto breakout; } if (dst) dst[j] = 0xDC00 | (unsigned char)src[i]; ++j; goto loopup; } wch <<= 6; wch |= ch & 0x3f; } /* * Check validity of the wchar. If invalid we could escape * just the first character and loop up, but it ought to be * more readable if we escape all the chars in the sequence * (since they are all >= 0x80 and might represent a legacy * 5-byte or 6-byte code). */ if (wch < lbound || ((flags & WCSBIN_LONGCODES) == 0 && wch > 0x10ffff)) { goto forceesc; } /* * Check if wch is a surrogate code (which also encloses our * UTF-8B escaping range). This is normally illegal in UTF8. * If it is, we need to escape each characer in the sequence. * Breakout if there isn't enough output buffer space. * * If (flags & WCSBIN_SURRO) the caller wishes to accept * surrogate codes, i.e. the input might potentially already * be escaped UTF8-B or unchecked UTF-16 that was converted * into UTF-8. */ if ((flags & WCSBIN_SURRO) == 0 && wch >= 0xD800 && wch <= 0xDFFF) { forceesc: if (j + want > dlen) break; if (flags & WCSBIN_STRICT) { if (i == 0) { errno = EILSEQ; return ((size_t)-1); } break; } for (k = 0; k < want; ++k) { if (dst) { dst[j] = 0xDC00 | (unsigned char)src[i+k]; } ++j; } i += k - 1; } else { i += k - 1; if (dst) dst[j] = wch; ++j; } loopup: ; } breakout: *slen = i; return j; } static size_t _UTF8_wcrtombin(char * __restrict dst, const wchar_t * __restrict src, size_t dlen, size_t *slen, int flags) { size_t i; size_t j; size_t k; size_t n = *slen; size_t len; unsigned char lead; wchar_t wc; for (i = j = 0; i < n; ++i) { if (j == dlen) break; wc = src[i]; if ((wc & ~0x7f) == 0) { /* Fast path for plain ASCII characters. */ if (dst) dst[j] = (unsigned char)wc; ++j; continue; } if ((wc & ~0x7ff) == 0) { lead = 0xc0; len = 2; } else if (wc >= 0xDC80 && wc <= 0xDCFF && (flags & WCSBIN_SURRO) == 0) { if (flags & WCSBIN_STRICT) { /* * STRICT without SURRO is an error for * surrogates. */ if (i == 0) { errno = EILSEQ; return ((size_t)-1); } break; } if (dst) dst[j] = (unsigned char)wc; ++j; continue; } else if ((wc & ~0xffff) == 0) { if (wc >= 0xD800 && wc <= 0xDFFF && (flags & (WCSBIN_SURRO | WCSBIN_STRICT)) == WCSBIN_STRICT) { /* * Surrogates in general are an error * if STRICT is specified and SURRO is not * specified. */ if (i == 0) { errno = EILSEQ; return ((size_t)-1); } break; } lead = 0xe0; len = 3; } else if (wc <= 0x10ffff) { lead = 0xf0; len = 4; } else if ((flags & WCSBIN_LONGCODES) && wc < 0x200000) { /* normally illegal */ lead = 0xf0; len = 4; } else if ((flags & WCSBIN_LONGCODES) && wc < 0x4000000) { /* normally illegal */ lead = 0xf8; len = 5; } else if ((flags & WCSBIN_LONGCODES) && (uint32_t)wc < 0x80000000U) { /* normally illegal */ lead = 0xfc; len = 6; } else { if (i == 0) { errno = EILSEQ; return ((size_t)-1); } /* stop here, process error on next loop */ break; } /* * Output the octets representing the character in chunks * of 6 bits, least significant last. The first octet is * a special case because it contains the sequence length * information. */ if (j + len > dlen) break; k = j; j += len; if (dst) { while (--len > 0) { dst[k + len] = (wc & 0x3f) | 0x80; wc >>= 6; } dst[k] = (wc & 0xff) | lead; } } *slen = i; return j; } size_t utf8towcr(wchar_t * __restrict dst, const char * __restrict src, size_t dlen, size_t *slen, int flags) { return _UTF8_mbintowcr(dst, src, dlen, slen, flags); } size_t wcrtoutf8(char * __restrict dst, const wchar_t * __restrict src, size_t dlen, size_t *slen, int flags) { return _UTF8_wcrtombin(dst, src, dlen, slen, flags); }