1 files changed, 46 insertions, 4 deletions

diff --git a/deps/icu-small/source/i18n/uspoof_impl.cpp b/deps/icu-small/source/i18n/uspoof_impl.cpp
index 0ca85c00a9..c1034c2e53 100644
--- a/deps/icu-small/source/i18n/uspoof_impl.cpp
+++ b/deps/icu-small/source/i18n/uspoof_impl.cpp
@@ -377,6 +377,43 @@ URestrictionLevel SpoofImpl::getRestrictionLevel(const UnicodeString& input, UEr
     return USPOOF_MINIMALLY_RESTRICTIVE;
 }
 
+int32_t SpoofImpl::findHiddenOverlay(const UnicodeString& input, UErrorCode&) const {
+    bool sawLeadCharacter = false;
+    for (int32_t i=0; i<input.length();) {
+        UChar32 cp = input.char32At(i);
+        if (sawLeadCharacter && cp == 0x0307) {
+            return i;
+        }
+        uint8_t combiningClass = u_getCombiningClass(cp);
+        // Skip over characters except for those with combining class 0 (non-combining characters) or with
+        // combining class 230 (same class as U+0307)
+        U_ASSERT(u_getCombiningClass(0x0307) == 230);
+        if (combiningClass == 0 || combiningClass == 230) {
+            sawLeadCharacter = isIllegalCombiningDotLeadCharacter(cp);
+        }
+        i += U16_LENGTH(cp);
+    }
+    return -1;
+}
+
+static inline bool isIllegalCombiningDotLeadCharacterNoLookup(UChar32 cp) {
+    return cp == u'i' || cp == u'j' || cp == u'ı' || cp == u'ȷ' || cp == u'l' ||
+           u_hasBinaryProperty(cp, UCHAR_SOFT_DOTTED);
+}
+
+bool SpoofImpl::isIllegalCombiningDotLeadCharacter(UChar32 cp) const {
+    if (isIllegalCombiningDotLeadCharacterNoLookup(cp)) {
+        return true;
+    }
+    UnicodeString skelStr;
+    fSpoofData->confusableLookup(cp, skelStr);
+    UChar32 finalCp = skelStr.char32At(skelStr.moveIndex32(skelStr.length(), -1));
+    if (finalCp != cp && isIllegalCombiningDotLeadCharacterNoLookup(finalCp)) {
+        return true;
+    }
+    return false;
+}
+
 
 
 // Convert a text format hex number.  Utility function used by builder code.  Static.
@@ -532,24 +569,25 @@ uspoof_cleanupDefaultData(void) {
     if (gDefaultSpoofData) {
         // Will delete, assuming all user-level spoof checkers were closed.
         gDefaultSpoofData->removeReference();
-        gDefaultSpoofData = NULL;
+        gDefaultSpoofData = nullptr;
         gSpoofInitDefaultOnce.reset();
     }
     return TRUE;
 }
 
 static void U_CALLCONV uspoof_loadDefaultData(UErrorCode& status) {
-    UDataMemory *udm = udata_openChoice(NULL, "cfu", "confusables",
+    UDataMemory *udm = udata_openChoice(nullptr, "cfu", "confusables",
                                         spoofDataIsAcceptable,
-                                        NULL,       // context, would receive dataVersion if supplied.
+                                        nullptr,       // context, would receive dataVersion if supplied.
                                         &status);
     if (U_FAILURE(status)) { return; }
     gDefaultSpoofData = new SpoofData(udm, status);
     if (U_FAILURE(status)) {
         delete gDefaultSpoofData;
+        gDefaultSpoofData = nullptr;
         return;
     }
-    if (gDefaultSpoofData == NULL) {
+    if (gDefaultSpoofData == nullptr) {
         status = U_MEMORY_ALLOCATION_ERROR;
         return;
     }
@@ -590,6 +628,10 @@ SpoofData::SpoofData(const void *data, int32_t length, UErrorCode &status)
         status = U_INVALID_FORMAT_ERROR;
         return;
     }
+    if (data == NULL) {
+        status = U_ILLEGAL_ARGUMENT_ERROR;
+        return;
+    }
     void *ncData = const_cast<void *>(data);
     fRawData = static_cast<SpoofDataHeader *>(ncData);
     if (length < fRawData->fLength) {