Opened 18 years ago
Last modified 4 years ago
#840 new enhancement
Translation kit should be reviewed for utf-8 string vulnerabilities
| Reported by: | marcusoverhagen | Owned by: | nobody |
|---|---|---|---|
| Priority: | normal | Milestone: | R1.1 |
| Component: | Kits/libtextencoding.so | Version: | |
| Keywords: | | Cc: | |
| Blocked By: | | Blocking: | |
| Platform: | All | | |
Description
The Translation kit should be reviewed for utf-8 string vulnerabilities.
Please see ticket #839 for an example.
Change History (5)
comment:1 by , 15 years ago
Component: | User Interface → Kits/Translation Kit |
---|---|
Owner: | changed from | to
comment:2 by , 9 years ago
Milestone: | R1 → Unscheduled |
---|
comment:3 by , 9 years ago
Milestone: | Unscheduled → R1 |
---|
comment:4 by , 5 years ago
Component: | Kits/Translation Kit → Kits/libtextencoding.so |
---|
Functions to review (from a grep on "utf8"):
```
os/locale/UnicodeChar.h: static uint32 FromUTF8(const char** in);
os/locale/UnicodeChar.h: static uint32 FromUTF8(const char* in);
os/locale/UnicodeChar.h: static size_t UTF8StringLength(const char* string);
os/locale/UnicodeChar.h: static size_t UTF8StringLength(const char* string, size_t maxLength);
os/support/UTF8.h:status_t convert_to_utf8(uint32 sourceEncoding, const char* source,
os/support/UTF8.h:status_t convert_from_utf8(uint32 destEncoding, const char* source,
private/file_systems/QueryParserUtils.h:uint32 utf8ToUnicode(char** string);
private/interface/utf8_functions.h:UTF8NextCharLenUnsafe(const char *text)
private/interface/utf8_functions.h:UTF8NextCharLen(const char *text)
private/interface/utf8_functions.h:UTF8NextCharLen(const char *bytes, size_t length)
private/interface/utf8_functions.h:UTF8PreviousCharLen(const char *text, const char *limit)
private/interface/utf8_functions.h:UTF8CountBytes(const char *bytes, int32 numChars)
private/interface/utf8_functions.h:UTF8CountChars(const char *bytes, int32 numBytes)
private/interface/utf8_functions.h:UTF8ToCharCode(const char **bytes)
private/mail/mail_util.h:status_t mail_convert_to_utf8(uint32 srcEncoding, const char *src,
private/mail/mail_util.h:status_t mail_convert_from_utf8(uint32 dstEncoding, const char *src,
private/mail/mail_util.h:ssize_t rfc2047_to_utf8(char **buffer, size_t *bufLen, size_t strLen = 0);
private/mail/mail_util.h:ssize_t utf8_to_rfc2047(char **bufp, ssize_t length,uint32 charset, char encoding);
private/system/convertutf.h:ssize_t utf16le_to_utf8(const uint16* source, size_t sourceCodeUnitCount,
private/system/convertutf.h:ssize_t utf16be_to_utf8(const uint16* source, size_t sourceCodeUnitCount,
```
None of this is in the translation kit, however. Moving to libtextencoding even if that's also not quite accurate. We should also check why there are so many utf8 manipulation functions all around.
All functions which manipulate "characters" (vs bytes) in BString are also candidates.
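For reference when reviewing the pointer-only signatures in the list above, here is an added example (not part of the ticket and not Haiku code) of a length-bounded, strict UTF-8 decoder. The names `utf8_decode_checked` and `utf8_count_checked` are hypothetical, and the checks shown (truncation, bad continuation bytes, overlong forms, surrogates, out-of-range values) are the usual review points for such code, assumed here because the ticket does not spell out which defects it has in mind.

```cpp
// Added example, not Haiku code: strict, length-bounded UTF-8 decoding.
#include <cstddef>
#include <cstdint>

// Decode one code point from at most `len` bytes (hypothetical helper).
// Returns bytes consumed (1..4), or 0 if the input is truncated or malformed.
size_t utf8_decode_checked(const unsigned char* s, size_t len, uint32_t* out)
{
	if (len == 0)
		return 0;
	unsigned char b0 = s[0];
	if (b0 < 0x80) {
		*out = b0;
		return 1;
	}
	size_t need;
	uint32_t cp, min;
	if ((b0 & 0xE0) == 0xC0) { need = 2; cp = b0 & 0x1F; min = 0x80; }
	else if ((b0 & 0xF0) == 0xE0) { need = 3; cp = b0 & 0x0F; min = 0x800; }
	else if ((b0 & 0xF8) == 0xF0) { need = 4; cp = b0 & 0x07; min = 0x10000; }
	else
		return 0;	// stray continuation byte or invalid lead (0xF8..0xFF)
	if (need > len)
		return 0;	// truncated: never read past the caller's bound
	for (size_t i = 1; i < need; i++) {
		if ((s[i] & 0xC0) != 0x80)
			return 0;	// also stops at an embedded NUL terminator
		cp = (cp << 6) | (s[i] & 0x3F);
	}
	if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF))
		return 0;	// overlong form, out of range, or UTF-16 surrogate
	*out = cp;
	return need;
}

// Count code points in a bounded buffer; returns -1 on the first bad sequence.
long utf8_count_checked(const unsigned char* s, size_t len)
{
	long count = 0;
	size_t pos = 0;
	while (pos < len) {
		uint32_t cp;
		size_t n = utf8_decode_checked(s + pos, len - pos, &cp);
		if (n == 0)
			return -1;
		pos += n;
		count++;
	}
	return count;
}
```

A decoder that derives the sequence length from the lead byte alone and then advances that many bytes would walk past the terminator on the truncated inputs that this version rejects.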
comment:5 by , 4 years ago
Milestone: | R1 → R1.1 |
---|
Reverting earlier milestone change