Implemented invalid UTF8 detection in decodeURI.

src/uri.js

Index: src/uri.js
diff --git a/src/uri.js b/src/uri.js
index e47c284955747470e970a85a0d1c266a851e3ef5..cf39b07a2f22a8d7e50b31d31cb7f78115af7682 100644
--- a/src/uri.js
+++ b/src/uri.js
@@ -90,27 +90,55 @@ function URIHexCharsToCharCode(ch1, ch2) {
 
 
 function URIDecodeOctets(octets, result, index) {
-  if (octets[3]) {
-    var x = (octets[2] >> 4) & 3;
-    var y = octets[2] & 0xF;
-    var z = octets[3] & 63;
-    var v = (((octets[0] & 7) << 2) | ((octets[1] >> 4) & 3)) - 1;
-    var w = octets[1] & 0xF;
-    result[index++] = 55296 | (v << 6) | (w << 2) | x;
-    result[index++] = 56320 | (y << 6) | z;
-    return index;
+  var value;

[Lasse Reichstein, 2009/03/10 07:25:03]

How about assigning octets[0], octets[1] and octets[2] to variables, instead of
doing so many array lookups?
Is this auto-generated code?

[Christian Plesner Hansen, 2009/03/10 07:46:52]

You only know if octets[2] exists when you've inspected octets[0] and octets[1]
so you can't declare those variables up front and declaring them along the way
makes the code more difficult to read.  But I'll see if I can refactor it
somehow to read properties less often.

It was hand written, thank you very much, but with no attempts of being smart
about anything because it's so easy to get wrong.

+  if (octets[0] < 0x80) {
+    value = octets[0];
+  } else if (octets[0] < 0xc2) {
+    throw new $URIError("URI malformed");
+  } else if (octets[0] < 0xe0) {
+    var a = octets[0] & 0x1f;
+    if ((octets[1] < 0x80) || (octets[1] > 0xbf))
+      throw new $URIError("URI malformed");
+    var b = octets[1] & 0x3f;
+    value = (a << 6) + b;
+    if (value < 0x80 || value > 0x7ff)
+      throw new $URIError("URI malformed");
+  } else if (octets[0] < 0xf0) {
+    var a = octets[0] & 0x0f;
+    if ((octets[1] < 0x80) || (octets[1] > 0xbf))
+      throw new $URIError("URI malformed");
+    var b = octets[1] & 0x3f;
+    if ((octets[2] < 0x80) || (octets[2] > 0xbf))
+      throw new $URIError("URI malformed");
+    var c = octets[2] & 0x3f;
+    value = (a << 12) + (b << 6) + c;
+    if ((value < 0x800) || (value > 0xffff))
+      throw new $URIError("URI malformed");
+  } else if (octets[0] < 0xf8) {
+    var a = (octets[0] & 0x07);
+    if ((octets[1] < 0x80) || (octets[1] > 0xbf))
+      throw new $URIError("URI malformed");
+    var b = (octets[1] & 0x3f);
+    if ((octets[2] < 0x80) || (octets[2] > 0xbf))
+      throw new $URIError("URI malformed");
+    var c = (octets[2] & 0x3f);
+    if ((octets[3] < 0x80) || (octets[3] > 0xbf))
+      throw new $URIError("URI malformed");
+    var d = (octets[3] & 0x3f);
+    value = (a << 18) + (b << 12) + (c << 6) + d;
+    if ((value < 0x10000) || (value > 0x10ffff))
+      throw new $URIError("URI malformed");
+  } else {
+    throw new $URIError("URI malformed");
   }
-  if (octets[2]) {
-    var x = octets[0] & 0xF;
-    var y = octets[1] & 63;
-    var z = octets[2] & 63;
-    result[index++] = (x << 12) | (y << 6) | z;
+  if (value < 0x10000) {
+    result[index++] = value;
+    return index;
+  } else {
+    result[index++] = (value >> 10) + 0xd7c0;
+    result[index++] = (value & 0x3ff) + 0xdc00;
     return index;
   }
-  var z = octets[1] & 63;
-  var y = octets[0] & 31;
-  result[index++] = (y << 6) | z;
-  return index;
 }