From 9de6776321b80d387e6108683547bc043f868925 Mon Sep 17 00:00:00 2001
From: Sergio Giro <sgiro@google.com>
Date: Wed, 20 Jul 2016 20:01:33 +0100
Subject: Unicode: specify destination length in utf8_to_utf16 methods

String16(const char *utf8) now returns the empty string in case
a string ends halfway throw a utf8 character.

Bug: 29267949
Clean cherry-pick from 1dcc0c82394ec9cd6887c7ca39f9b5024db01ac9

Change-Id: I5223caa7d42f4582a982609a898a02043265c6d3
---
 libutils/tests/Unicode_test.cpp | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'libutils/tests')

diff --git a/libutils/tests/Unicode_test.cpp b/libutils/tests/Unicode_test.cpp
index c263f75e2..d23e43a71 100644
--- a/libutils/tests/Unicode_test.cpp
+++ b/libutils/tests/Unicode_test.cpp
@@ -98,7 +98,7 @@ TEST_F(UnicodeTest, UTF8toUTF16Normal) {
 
     char16_t output[1 + 1 + 1 + 2 + 1]; // Room for NULL
 
-    utf8_to_utf16(str, sizeof(str), output);
+    utf8_to_utf16(str, sizeof(str), output, sizeof(output) / sizeof(output[0]));
 
     EXPECT_EQ(0x0030, output[0])
             << "should be U+0030";
@@ -147,4 +147,15 @@ TEST_F(UnicodeTest, strstr16TargetNotPresent) {
     EXPECT_EQ(nullptr, result);
 }
 
+// http://b/29267949
+// Test that overreading in utf8_to_utf16_length is detected
+TEST_F(UnicodeTest, InvalidUtf8OverreadDetected) {
+    // An utf8 char starting with \xc4 is two bytes long.
+    // Add extra zeros so no extra memory is read in case the code doesn't
+    // work as expected.
+    static char utf8[] = "\xc4\x00\x00\x00";
+    ASSERT_DEATH(utf8_to_utf16_length((uint8_t *) utf8, strlen(utf8),
+            true /* overreadIsFatal */), "" /* regex for ASSERT_DEATH */);
+}
+
 }
-- 
cgit v1.2.3