Opened 14 years ago

Last modified 2 months ago

#840 new enhancement

Translation kit should be reviewed for utf-8 string vulnerabilities

Reported by: marcusoverhagen Owned by: nobody
Priority: normal Milestone: R1
Component: Kits/ Version:
Keywords: Cc:
Blocked By: Blocking:
Platform: All


The Translation kit should be reviewed for utf-8 string vulnerabilities.

Please see ticket #839 for an example.

Change History (4)

comment:1 by axeld, 11 years ago

Component: User InterfaceKits/Translation Kit
Owner: changed from axeld to nobody

comment:2 by waddlesplash, 5 years ago

Milestone: R1Unscheduled

comment:3 by waddlesplash, 5 years ago

Milestone: UnscheduledR1

Reverting earlier milestone change

comment:4 by pulkomandy, 2 months ago

Component: Kits/Translation KitKits/

Functions to review (from a grep on "utf8"):

os/locale/UnicodeChar.h:                static uint32 FromUTF8(const char** in);
os/locale/UnicodeChar.h:                static uint32 FromUTF8(const char* in);
os/locale/UnicodeChar.h:                static size_t UTF8StringLength(const char* string);
os/locale/UnicodeChar.h:                static size_t UTF8StringLength(const char* string, size_t maxLength);
os/support/UTF8.h:status_t convert_to_utf8(uint32 sourceEncoding, const char* source,
os/support/UTF8.h:status_t convert_from_utf8(uint32 destEncoding, const char* source, 
private/file_systems/QueryParserUtils.h:uint32          utf8ToUnicode(char** string);
private/interface/utf8_functions.h:UTF8NextCharLenUnsafe(const char *text)
private/interface/utf8_functions.h:UTF8NextCharLen(const char *text)
private/interface/utf8_functions.h:UTF8NextCharLen(const char *bytes, size_t length)
private/interface/utf8_functions.h:UTF8PreviousCharLen(const char *text, const char *limit)
private/interface/utf8_functions.h:UTF8CountBytes(const char *bytes, int32 numChars)
private/interface/utf8_functions.h:UTF8CountChars(const char *bytes, int32 numBytes)
private/interface/utf8_functions.h:UTF8ToCharCode(const char **bytes)
private/mail/mail_util.h:status_t mail_convert_to_utf8(uint32 srcEncoding, const char *src,
private/mail/mail_util.h:status_t mail_convert_from_utf8(uint32 dstEncoding, const char *src,
private/mail/mail_util.h:ssize_t rfc2047_to_utf8(char **buffer, size_t *bufLen, size_t strLen = 0);
private/mail/mail_util.h:ssize_t utf8_to_rfc2047(char **bufp, ssize_t length,uint32 charset, char encoding);
private/system/convertutf.h:ssize_t utf16le_to_utf8(const uint16* source, size_t sourceCodeUnitCount,
private/system/convertutf.h:ssize_t utf16be_to_utf8(const uint16* source, size_t sourceCodeUnitCount,

None of this is in the translation kit, however. Moving to libtextencoding even if that's also not quite accurate. We should also check why there are so many utf8 manipulation functions all around.

All functions which manipulate "characters" (vs bytes) in BString are also candidates.

Note: See TracTickets for help on using tickets.