Copilot AI commented Jan 28, 2026

The deLoose function searches for UTF-8 replacement character sequences (0xEF 0xBF 0xBD) but had an off-by-one error allowing out-of-bounds reads.

Changes

  • utf8.js: Fixed bounds check when searching for 3-byte replacement sequence
    • Changed last = res.length - 2 → last = res.length - 3 (last valid position to read 3 consecutive bytes)
    • Changed loop condition start < last → start <= last
    • Added pos > last guard after indexOf to prevent OOB access when 0xEF found near array end

```javascript
// Before: when pos = res.length - 2, accessing res[pos + 2] reads res[res.length]
const last = res.length - 2
while (start < last) {
  const pos = res.indexOf(0xef, start)
  if (pos === -1) break
  if (res[pos + 1] === 0xbf && res[pos + 2] === 0xbd) { // OOB possible
```

```javascript
// After: safe bounds for 3-byte sequence access
const last = res.length - 3
while (start <= last) {
  const pos = res.indexOf(0xef, start)
  if (pos === -1 || pos > last) break
  if (res[pos + 1] === 0xbf && res[pos + 2] === 0xbd) { // always in bounds
```

Original prompt

This section details on the original issue you should resolve

<issue_title>Review the codebase and identify mistakes</issue_title>
<issue_description>Ignore tests/wpt and other vendored tests

Note: wif using synchronous path for async implementation is not an issue, it's done for perf, as underlying method is always sync (again, for perf).

Pay close attention to corner cases

Ignore utf-32 for now, it's not yet shipped and is incomplete.</issue_description>

Comments on the Issue (you are @copilot in this section)



Co-authored-by: ChALkeR <291301+ChALkeR@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Review codebase and identify mistakes" to "Fix off-by-one bounds check in utf8.js deLoose function" Jan 28, 2026
Copilot AI requested a review from ChALkeR January 28, 2026 21:04
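
The boundary cases from the PR description above, as an added example that is not part of the PR or the project's code: it runs the "before" and "after" loop bounds over constructed byte arrays and records the highest index each one reads. The names scan and read, the fixed flag, and the step taken after a match are assumptions made for illustration.

```javascript
// Added example. scan(), read() and the advance step after a match are
// assumptions for illustration; only the loop bounds come from the PR text.
function scan(res, fixed) {
  const hits = []
  let maxIndex = -1 // highest index read through res[i]
  const read = (i) => {
    if (i > maxIndex) maxIndex = i
    return res[i] // a typed array yields undefined past its end
  }
  // Before: last = length - 2 with start < last. After: length - 3 with start <= last.
  const last = fixed ? res.length - 3 : res.length - 2
  let start = 0
  while (fixed ? start <= last : start < last) {
    const pos = res.indexOf(0xef, start)
    if (pos === -1) break
    if (fixed && pos > last) break // guard added by the fix
    if (read(pos + 1) === 0xbf && read(pos + 2) === 0xbd) {
      hits.push(pos)
      start = pos + 3
    } else {
      start = pos + 1
    }
  }
  return { hits, maxIndex }
}

// Constructed inputs covering the boundary positions of 0xEF.
const samples = {
  efLast: Uint8Array.of(0x41, 0x42, 0x43, 0xef),
  efSecondLast: Uint8Array.of(0x41, 0x42, 0xef, 0xbf),
  seqAtEnd: Uint8Array.of(0x41, 0xef, 0xbf, 0xbd),
  twoSeqs: Uint8Array.of(0xef, 0xbf, 0xbd, 0xef, 0xbf, 0xbd),
}

for (const [name, bytes] of Object.entries(samples)) {
  const before = scan(bytes, false)
  const after = scan(bytes, true)
  console.log(name, 'len', bytes.length, 'before', before, 'after', after)
}
```

With 0xEF in either of the last two positions, the "before" bounds read index res.length, which returns undefined for a typed array, and the matches reported are the same under both sets of bounds.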

ChALkeR commented Jan 28, 2026

This has no real effect but makes sense for code clarity.
Will have to test though; that code might not be called anywhere and is a fallback for old engines.
