intl/uconv/tests/unit/test_bug601429.js@fc2d59ddac77 (annotated)
intl/uconv/tests/unit/test_bug601429.js
Wed, 31 Dec 2014 07:22:50 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 07:22:50 +0100
- branch
- TOR_BUG_3246
- changeset 4
- fc2d59ddac77
- permissions
- -rw-r--r--
Correct previous dual key logic pending first delivery installment.
| michael@0 | 1 | // Tests whether characters above 0x7F decode to ASCII characters liable to |
| michael@0 | 2 | // expose XSS vulnerabilities |
| michael@0 | 3 | load('CharsetConversionTests.js'); |
| michael@0 | 4 | |
| michael@0 | 5 | function run_test() { |
| michael@0 | 6 | var failures = false; |
| michael@0 | 7 | var ccManager = Cc["@mozilla.org/charset-converter-manager;1"] |
| michael@0 | 8 | .getService(Ci.nsICharsetConverterManager); |
| michael@0 | 9 | var decodingConverter = CreateScriptableConverter(); |
| michael@0 | 10 | |
| michael@0 | 11 | var charsetList = ccManager.getDecoderList(); |
| michael@0 | 12 | var counter = 0; |
| michael@0 | 13 | while (charsetList.hasMore()) { |
| michael@0 | 14 | ++counter; |
| michael@0 | 15 | var charset = charsetList.getNext(); |
| michael@0 | 16 | dump("testing " + counter + " " + charset + "\n"); |
| michael@0 | 17 | |
| michael@0 | 18 | try { |
| michael@0 | 19 | decodingConverter.charset = charset; |
| michael@0 | 20 | } catch(e) { |
| michael@0 | 21 | dump("Warning: couldn't set decoder charset to " + charset + "\n"); |
| michael@0 | 22 | continue; |
| michael@0 | 23 | } |
| michael@0 | 24 | for (var i = 0x80; i < 0x100; ++i) { |
| michael@0 | 25 | var inString = String.fromCharCode(i); |
| michael@0 | 26 | var outString; |
| michael@0 | 27 | try { |
| michael@0 | 28 | outString = decodingConverter.ConvertToUnicode(inString) + |
| michael@0 | 29 | decodingConverter.Finish(); |
| michael@0 | 30 | } catch(e) { |
| michael@0 | 31 | outString = String.fromCharCode(0xFFFD); |
| michael@0 | 32 | } |
| michael@0 | 33 | for (var n = 0; n < outString.length; ++n) { |
| michael@0 | 34 | var outChar = outString.charAt(n); |
| michael@0 | 35 | if (outChar == '<' || outChar == '>' || outChar == '/') { |
| michael@0 | 36 | dump(charset + " has a problem: " + escape(inString) + |
| michael@0 | 37 | " decodes to '" + outString + "'\n"); |
| michael@0 | 38 | failures = true; |
| michael@0 | 39 | } |
| michael@0 | 40 | } |
| michael@0 | 41 | } |
| michael@0 | 42 | } |
| michael@0 | 43 | if (failures) { |
| michael@0 | 44 | do_throw("test failed\n"); |
| michael@0 | 45 | } |
| michael@0 | 46 | } |
