9715eae02c
X-SVN-Rev: 25534
541 lines
17 KiB
C++
541 lines
17 KiB
C++
/*
|
|
***************************************************************************
|
|
* Copyright (C) 2008-2009, International Business Machines Corporation
|
|
* and others. All Rights Reserved.
|
|
***************************************************************************
|
|
* file name: uspoof.cpp
|
|
* encoding: US-ASCII
|
|
* tab size: 8 (not used)
|
|
* indentation:4
|
|
*
|
|
* created on: 2008Feb13
|
|
* created by: Andy Heninger
|
|
*
|
|
* Unicode Spoof Detection
|
|
*/
|
|
#include "unicode/utypes.h"
|
|
#include "unicode/uspoof.h"
|
|
#include "unicode/unorm.h"
|
|
#include "unicode/ustring.h"
|
|
#include "cmemory.h"
|
|
#include "uspoof_impl.h"
|
|
#include "uassert.h"
|
|
|
|
#include <stdio.h> // debug
|
|
|
|
U_NAMESPACE_USE
|
|
|
|
|
|
U_CAPI USpoofChecker * U_EXPORT2
|
|
uspoof_open(UErrorCode *status) {
|
|
if (U_FAILURE(*status)) {
|
|
return NULL;
|
|
}
|
|
SpoofImpl *si = new SpoofImpl(SpoofData::getDefault(*status), *status);
|
|
if (U_FAILURE(*status)) {
|
|
delete si;
|
|
si = NULL;
|
|
}
|
|
return (USpoofChecker *)si;
|
|
}
|
|
|
|
|
|
U_CAPI USpoofChecker * U_EXPORT2
|
|
uspoof_openFromSerialized(const void *data, int32_t length, int32_t *pActualLength,
|
|
UErrorCode *status) {
|
|
if (U_FAILURE(*status)) {
|
|
return NULL;
|
|
}
|
|
SpoofData *sd = new SpoofData(data, length, *status);
|
|
SpoofImpl *si = new SpoofImpl(sd, *status);
|
|
if (U_FAILURE(*status)) {
|
|
delete sd;
|
|
delete si;
|
|
return NULL;
|
|
}
|
|
if (sd == NULL || si == NULL) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
delete sd;
|
|
delete si;
|
|
return NULL;
|
|
}
|
|
|
|
if (pActualLength != NULL) {
|
|
*pActualLength = sd->fRawData->fLength;
|
|
}
|
|
return reinterpret_cast<USpoofChecker *>(si);
|
|
}
|
|
|
|
|
|
U_CAPI USpoofChecker * U_EXPORT2
|
|
uspoof_clone(const USpoofChecker *sc, UErrorCode *status) {
|
|
const SpoofImpl *src = SpoofImpl::validateThis(sc, *status);
|
|
if (src == NULL) {
|
|
return NULL;
|
|
}
|
|
SpoofImpl *result = new SpoofImpl(*src, *status); // copy constructor
|
|
if (U_FAILURE(*status)) {
|
|
delete result;
|
|
result = NULL;
|
|
}
|
|
return (USpoofChecker *)result;
|
|
}
|
|
|
|
|
|
U_CAPI void U_EXPORT2
|
|
uspoof_close(USpoofChecker *sc) {
|
|
UErrorCode status = U_ZERO_ERROR;
|
|
SpoofImpl *This = SpoofImpl::validateThis(sc, status);
|
|
delete This;
|
|
}
|
|
|
|
|
|
U_CAPI void U_EXPORT2
|
|
uspoof_setChecks(USpoofChecker *sc, int32_t checks, UErrorCode *status) {
|
|
SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
return;
|
|
}
|
|
|
|
// Verify that the requested checks are all ones (bits) that
|
|
// are acceptable, known values.
|
|
if (checks & ~USPOOF_ALL_CHECKS) {
|
|
*status = U_ILLEGAL_ARGUMENT_ERROR;
|
|
return;
|
|
}
|
|
|
|
This->fChecks = checks;
|
|
}
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_getChecks(const USpoofChecker *sc, UErrorCode *status) {
|
|
const SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
return 0;
|
|
}
|
|
return This->fChecks;
|
|
}
|
|
|
|
U_CAPI void U_EXPORT2
|
|
uspoof_setAllowedLocales(USpoofChecker *sc, const char * /*localesList*/, UErrorCode *status) {
|
|
SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
return;
|
|
}
|
|
// TODO:
|
|
}
|
|
|
|
|
|
U_CAPI const USet * U_EXPORT2
|
|
uspoof_getAllowedChars(const USpoofChecker *sc, UErrorCode *status) {
|
|
const UnicodeSet *result = uspoof_getAllowedUnicodeSet(sc, status);
|
|
return reinterpret_cast<const USet *>(result);
|
|
}
|
|
|
|
U_CAPI const UnicodeSet * U_EXPORT2
|
|
uspoof_getAllowedUnicodeSet(const USpoofChecker *sc, UErrorCode *status) {
|
|
const SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
return NULL;
|
|
}
|
|
return This->fAllowedCharsSet;
|
|
}
|
|
|
|
|
|
U_CAPI void U_EXPORT2
|
|
uspoof_setAllowedChars(USpoofChecker *sc, const USet *chars, UErrorCode *status) {
|
|
const UnicodeSet *set = reinterpret_cast<const UnicodeSet *>(chars);
|
|
uspoof_setAllowedUnicodeSet(sc, set, status);
|
|
}
|
|
|
|
|
|
U_CAPI void U_EXPORT2
|
|
uspoof_setAllowedUnicodeSet(USpoofChecker *sc, const UnicodeSet *chars, UErrorCode *status) {
|
|
SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
return;
|
|
}
|
|
if (chars->isBogus()) {
|
|
*status = U_ILLEGAL_ARGUMENT_ERROR;
|
|
return;
|
|
}
|
|
UnicodeSet *clonedSet = static_cast<UnicodeSet *>(chars->clone());
|
|
if (clonedSet == NULL || clonedSet->isBogus()) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
return;
|
|
}
|
|
clonedSet->freeze();
|
|
delete This->fAllowedCharsSet;
|
|
This->fAllowedCharsSet = clonedSet;
|
|
This->fChecks |= USPOOF_CHAR_LIMIT;
|
|
}
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_check(const USpoofChecker *sc,
|
|
const UChar *text, int32_t length,
|
|
int32_t *position,
|
|
UErrorCode *status) {
|
|
|
|
const SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
return 0;
|
|
}
|
|
if (length < -1) {
|
|
*status = U_ILLEGAL_ARGUMENT_ERROR;
|
|
return 0;
|
|
}
|
|
if (length == -1) {
|
|
// It's not worth the bother to handle nul terminated strings everywhere.
|
|
// Just get the length and be done with it.
|
|
length = u_strlen(text);
|
|
}
|
|
|
|
int32_t result = 0;
|
|
int32_t failPos = 0x7fffffff; // TODO: do we have a #define for max int32?
|
|
|
|
// A count of the number of non-Common or inherited scripts.
|
|
// Needed for both the SINGLE_SCRIPT and the WHOLE/MIXED_SCIRPT_CONFUSABLE tests.
|
|
// Share the computation when possible. scriptCount == -1 means that we haven't
|
|
// done it yet.
|
|
int32_t scriptCount = -1;
|
|
|
|
if ((This->fChecks) & USPOOF_SINGLE_SCRIPT) {
|
|
scriptCount = This->scriptScan(text, length, failPos, *status);
|
|
// printf("scriptCount (clipped to 2) = %d\n", scriptCount);
|
|
if ( scriptCount >= 2) {
|
|
// Note: scriptCount == 2 covers all cases of the number of scripts >= 2
|
|
result |= USPOOF_SINGLE_SCRIPT;
|
|
}
|
|
}
|
|
|
|
if (This->fChecks & USPOOF_CHAR_LIMIT) {
|
|
int32_t i;
|
|
UChar32 c;
|
|
for (i=0; i<length ;) {
|
|
U16_NEXT(text, i, length, c);
|
|
if (!This->fAllowedCharsSet->contains(c)) {
|
|
result |= USPOOF_CHAR_LIMIT;
|
|
if (i < failPos) {
|
|
failPos = i;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
// TODO: add USPOOF_INVISIBLE check
|
|
|
|
if (This->fChecks & (USPOOF_WHOLE_SCRIPT_CONFUSABLE | USPOOF_MIXED_SCRIPT_CONFUSABLE)) {
|
|
// The basic test is the same for both whole and mixed script confusables.
|
|
// Compute the set of scripts that every input character has a confusable in.
|
|
// For this computation an input character is always considered to be
|
|
// confusable with itself in its own script.
|
|
// If the number of such scripts is two or more, and the input consisted of
|
|
// characters all from a single script, we have a whole script confusable.
|
|
// (The two scripts will be the original script and the one that is confusable)
|
|
// If the number of such scripts >= one, and the original input contained characters from
|
|
// more than one script, we have a mixed script confusable. (We can transform
|
|
// some of the characters, and end up with a visually similar string all in
|
|
// one script.)
|
|
|
|
NFKDBuffer normalizedInput(text, length, *status);
|
|
const UChar *nfkdText = normalizedInput.getBuffer();
|
|
int32_t nfkdLength = normalizedInput.getLength();
|
|
|
|
if (scriptCount == -1) {
|
|
int32_t t;
|
|
scriptCount = This->scriptScan(text, length, t, *status);
|
|
}
|
|
|
|
ScriptSet scripts;
|
|
This->wholeScriptCheck(nfkdText, nfkdLength, &scripts, *status);
|
|
int32_t confusableScriptCount = scripts.countMembers();
|
|
//printf("confusableScriptCount = %d\n", confusableScriptCount);
|
|
|
|
if ((This->fChecks & USPOOF_WHOLE_SCRIPT_CONFUSABLE) &&
|
|
confusableScriptCount >= 2 &&
|
|
scriptCount == 1) {
|
|
result |= USPOOF_WHOLE_SCRIPT_CONFUSABLE;
|
|
}
|
|
|
|
if ((This->fChecks & USPOOF_MIXED_SCRIPT_CONFUSABLE) &&
|
|
confusableScriptCount >= 1 &&
|
|
scriptCount > 1) {
|
|
result |= USPOOF_MIXED_SCRIPT_CONFUSABLE;
|
|
}
|
|
}
|
|
|
|
if (position != NULL && failPos != 0x7fffffff) {
|
|
*position = failPos;
|
|
}
|
|
return result;
|
|
}
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_checkUTF8(const USpoofChecker *sc,
|
|
const char *text, int32_t length,
|
|
int32_t *position,
|
|
UErrorCode *status) {
|
|
|
|
if (U_FAILURE(*status)) {
|
|
return 0;
|
|
}
|
|
UChar stackBuf[USPOOF_STACK_BUFFER_SIZE];
|
|
UChar* text16 = stackBuf;
|
|
int32_t len16;
|
|
|
|
u_strFromUTF8(text16, USPOOF_STACK_BUFFER_SIZE, &len16, text, length, status);
|
|
if (U_FAILURE(*status) && *status != U_BUFFER_OVERFLOW_ERROR) {
|
|
return 0;
|
|
}
|
|
if (*status == U_BUFFER_OVERFLOW_ERROR) {
|
|
text16 = static_cast<UChar *>(uprv_malloc(len16 * sizeof(UChar) + 2));
|
|
if (text16 == NULL) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
return 0;
|
|
}
|
|
*status = U_ZERO_ERROR;
|
|
u_strFromUTF8(text16, len16+1, NULL, text, length, status);
|
|
}
|
|
|
|
int32_t position16 = -1;
|
|
int32_t result = uspoof_check(sc, text16, len16, &position16, status);
|
|
if (U_FAILURE(*status)) {
|
|
return 0;
|
|
}
|
|
|
|
if (position16 > 0) {
|
|
// Translate a UTF-16 based error position back to a UTF-8 offset.
|
|
// u_strToUTF8() in preflight mode is an easy way to do it.
|
|
U_ASSERT(position16 <= len16);
|
|
u_strToUTF8(NULL, 0, position, text16, position16, status);
|
|
}
|
|
|
|
if (text16 != stackBuf) {
|
|
uprv_free(text16);
|
|
}
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_checkUnicodeString(const USpoofChecker *sc,
|
|
const U_NAMESPACE_QUALIFIER UnicodeString &text,
|
|
int32_t *position,
|
|
UErrorCode *status) {
|
|
int32_t result = uspoof_check(sc, text.getBuffer(), text.length(), position, status);
|
|
return result;
|
|
}
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_getSkeleton(const USpoofChecker *sc,
|
|
uint32_t type,
|
|
const UChar *s, int32_t length,
|
|
UChar *dest, int32_t destCapacity,
|
|
UErrorCode *status) {
|
|
|
|
const SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (U_FAILURE(*status)) {
|
|
return 0;
|
|
}
|
|
if (length<-1 || destCapacity<0 || (destCapacity==0 && dest!=NULL) ||
|
|
(type & ~(USPOOF_SINGLE_SCRIPT_CONFUSABLE | USPOOF_ANY_CASE)) != 0) {
|
|
*status = U_ILLEGAL_ARGUMENT_ERROR;
|
|
return 0;
|
|
}
|
|
|
|
int32_t tableMask = 0;
|
|
switch (type) {
|
|
case 0:
|
|
tableMask = USPOOF_ML_TABLE_FLAG;
|
|
break;
|
|
case USPOOF_SINGLE_SCRIPT_CONFUSABLE:
|
|
tableMask = USPOOF_SL_TABLE_FLAG;
|
|
break;
|
|
case USPOOF_ANY_CASE:
|
|
tableMask = USPOOF_MA_TABLE_FLAG;
|
|
break;
|
|
case USPOOF_SINGLE_SCRIPT_CONFUSABLE | USPOOF_ANY_CASE:
|
|
tableMask = USPOOF_SA_TABLE_FLAG;
|
|
break;
|
|
default:
|
|
*status = U_ILLEGAL_ARGUMENT_ERROR;
|
|
return 0;
|
|
}
|
|
|
|
// NFKD transform of the user supplied input
|
|
|
|
UChar nfkdBuf[USPOOF_STACK_BUFFER_SIZE];
|
|
UChar *nfkdInput = nfkdBuf;
|
|
int32_t normalizedLen = unorm_normalize(
|
|
s, length, UNORM_NFKD, 0, nfkdInput, USPOOF_STACK_BUFFER_SIZE, status);
|
|
if (*status == U_BUFFER_OVERFLOW_ERROR) {
|
|
nfkdInput = (UChar *)uprv_malloc((normalizedLen+1)*sizeof(UChar));
|
|
if (nfkdInput == NULL) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
return 0;
|
|
}
|
|
normalizedLen = unorm_normalize(s, length, UNORM_NFKD, 0,
|
|
nfkdInput, normalizedLen+1, status);
|
|
}
|
|
if (U_FAILURE(*status)) {
|
|
return 0;
|
|
}
|
|
|
|
// buffer to hold the Unicode defined mappings for a single code point
|
|
UChar buf[USPOOF_MAX_SKELETON_EXPANSION];
|
|
|
|
// Apply the mapping to the NFKD form string
|
|
|
|
int32_t inputIndex = 0;
|
|
int32_t resultLen = 0;
|
|
while (inputIndex < normalizedLen) {
|
|
UChar32 c;
|
|
U16_NEXT(nfkdInput, inputIndex, normalizedLen, c);
|
|
int32_t replaceLen = This->confusableLookup(c, tableMask, buf);
|
|
if (resultLen + replaceLen < destCapacity) {
|
|
int i;
|
|
for (i=0; i<replaceLen; i++) {
|
|
dest[resultLen++] = buf[i];
|
|
}
|
|
} else {
|
|
// Storing the transformed string would overflow the dest buffer.
|
|
// Don't bother storing anything, just sum up the required buffer size.
|
|
// (We dont guarantee that a truncated buffer is filled to it's end)
|
|
resultLen += replaceLen;
|
|
}
|
|
}
|
|
|
|
if (resultLen < destCapacity) {
|
|
dest[resultLen] = 0;
|
|
} else if (resultLen == destCapacity) {
|
|
*status = U_STRING_NOT_TERMINATED_WARNING;
|
|
} else {
|
|
*status = U_BUFFER_OVERFLOW_ERROR;
|
|
}
|
|
if (nfkdInput != nfkdBuf) {
|
|
uprv_free(nfkdInput);
|
|
}
|
|
return resultLen;
|
|
}
|
|
|
|
|
|
U_CAPI UnicodeString & U_EXPORT2
|
|
uspoof_getSkeletonUnicodeString(const USpoofChecker *sc,
|
|
uint32_t type,
|
|
const UnicodeString &s,
|
|
UnicodeString &dest,
|
|
UErrorCode *status) {
|
|
if (U_FAILURE(*status)) {
|
|
return dest;
|
|
}
|
|
dest.remove();
|
|
|
|
const UChar *str = s.getBuffer();
|
|
int32_t strLen = s.length();
|
|
UChar smallBuf[100];
|
|
UChar *buf = smallBuf;
|
|
int32_t outputSize = uspoof_getSkeleton(sc, type, str, strLen, smallBuf, 100, status);
|
|
if (*status == U_BUFFER_OVERFLOW_ERROR) {
|
|
buf = static_cast<UChar *>(uprv_malloc(outputSize+1));
|
|
if (buf == NULL) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
}
|
|
uspoof_getSkeleton(sc, type, str, strLen, buf, outputSize+1, status);
|
|
}
|
|
if (U_SUCCESS(*status)) {
|
|
dest.setTo(buf, outputSize);
|
|
}
|
|
|
|
if (buf != smallBuf) {
|
|
uprv_free(buf);
|
|
}
|
|
return dest;
|
|
}
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_getSkeletonUTF8(const USpoofChecker *sc,
|
|
uint32_t type,
|
|
const char *s, int32_t length,
|
|
char *dest, int32_t destCapacity,
|
|
UErrorCode *status) {
|
|
// Lacking a UTF-8 normalization API, just converting the input to
|
|
// UTF-16 seems as good an approach as any. In typical use, input will
|
|
// be an identifier, which is to say not too long for stack buffers.
|
|
if (U_FAILURE(*status)) {
|
|
return 0;
|
|
}
|
|
// Buffers for the UChar form of the input and skeleton strings.
|
|
UChar smallInBuf[USPOOF_STACK_BUFFER_SIZE];
|
|
UChar *inBuf = smallInBuf;
|
|
UChar smallOutBuf[USPOOF_STACK_BUFFER_SIZE];
|
|
UChar *outBuf = smallOutBuf;
|
|
|
|
int32_t lengthInUChars = 0;
|
|
int32_t skelLengthInUChars = 0;
|
|
int32_t skelLengthInUTF8 = 0;
|
|
|
|
u_strFromUTF8(inBuf, USPOOF_STACK_BUFFER_SIZE, &lengthInUChars,
|
|
s, length, status);
|
|
if (*status == U_BUFFER_OVERFLOW_ERROR) {
|
|
*status = U_ZERO_ERROR;
|
|
inBuf = static_cast<UChar *>(uprv_malloc((lengthInUChars+1)*sizeof(UChar)));
|
|
if (inBuf == NULL) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
goto cleanup;
|
|
}
|
|
u_strFromUTF8(inBuf, USPOOF_STACK_BUFFER_SIZE, &lengthInUChars+1,
|
|
s, length, status);
|
|
}
|
|
|
|
skelLengthInUChars = uspoof_getSkeleton(sc, type, outBuf, lengthInUChars,
|
|
outBuf, USPOOF_STACK_BUFFER_SIZE, status);
|
|
if (*status == U_BUFFER_OVERFLOW_ERROR) {
|
|
*status = U_ZERO_ERROR;
|
|
outBuf = static_cast<UChar *>(uprv_malloc((skelLengthInUChars+1)*sizeof(UChar)));
|
|
if (outBuf == NULL) {
|
|
*status = U_MEMORY_ALLOCATION_ERROR;
|
|
goto cleanup;
|
|
}
|
|
skelLengthInUChars = uspoof_getSkeleton(sc, type, outBuf, lengthInUChars,
|
|
outBuf, USPOOF_STACK_BUFFER_SIZE, status);
|
|
}
|
|
|
|
u_strToUTF8(dest, destCapacity, &skelLengthInUTF8,
|
|
outBuf, skelLengthInUChars, status);
|
|
|
|
cleanup:
|
|
if (inBuf != smallInBuf) {
|
|
delete inBuf;
|
|
}
|
|
if (outBuf != smallOutBuf) {
|
|
delete outBuf;
|
|
}
|
|
return skelLengthInUTF8;
|
|
}
|
|
|
|
|
|
U_CAPI int32_t U_EXPORT2
|
|
uspoof_serialize(USpoofChecker *sc,void *buf, int32_t capacity, UErrorCode *status) {
|
|
SpoofImpl *This = SpoofImpl::validateThis(sc, *status);
|
|
if (This == NULL) {
|
|
U_ASSERT(U_FAILURE(*status));
|
|
return 0;
|
|
}
|
|
int32_t dataSize = This->fSpoofData->fRawData->fLength;
|
|
if (capacity < dataSize) {
|
|
*status = U_BUFFER_OVERFLOW_ERROR;
|
|
return dataSize;
|
|
}
|
|
uprv_memcpy(buf, This->fSpoofData->fRawData, dataSize);
|
|
return dataSize;
|
|
}
|
|
|