--- java/org/apache/tomcat/util/buf/Utf8Decoder.java.orig 2018-10-01 11:41:20.080777790 -0400
+++ java/org/apache/tomcat/util/buf/Utf8Decoder.java 2018-10-01 11:42:07.421663409 -0400
@@ -277,6 +277,11 @@ public class Utf8Decoder extends Charset
outRemaining--;
} else {
if (outRemaining < 2) {
+ // Encoded with 4 bytes. inIndex currently points
+ // to the final byte. Move it back to first byte.
+ inIndex -= 3;
+ in.position(inIndex - in.arrayOffset());
+ out.position(outIndex - out.arrayOffset());
return CoderResult.OVERFLOW;
}
cArr[outIndex++] = (char) ((jchar >> 0xA) + 0xD7C0);
--- webapps/docs/changelog.xml.orig 2018-10-01 11:47:17.700912507 -0400
+++ webapps/docs/changelog.xml 2018-10-01 11:47:40.889856277 -0400
@@ -57,6 +57,16 @@
They eventually become mixed with the numbered issues. (I.e., numbered
issues do not "pop up" wrt. others).
-->
+<section name="Tomcat 7.0.76-8 (csutherl)">
+ <subsection name="Catalina">
+ <changelog>
+ <fix>
+ Improve handing of overflow in the UTF-8 decoder with supplementary
+ characters. (markt)
+ </fix>
+ </changelog>
+ </subsection>
+</section>
<section name="Tomcat 7.0.76-3 (csutherl)">
<subsection name="Catalina">
<changelog>