<URL: http://bugs.freeciv.org/Ticket/Display.html?id=40299 >

Marko Lindqvist wrote:
> <URL: http://bugs.freeciv.org/Ticket/Display.html?id=40299 >
> 
> 2008/6/22 Jason Dorje Short:
>> Also with utf-8 truncating things like this is not at all safe.  This
>> can send incorrect utf-8 to the server which when sent back to the
>> client becomes very hard to handle.  GTK will crash (yes, crash) if
>> given invalid utf-8; it's supposed to be checked before it's passed in
>> but I'm not sure if we do that.  If it is checked the best thing the
>> client could do is discard the invalid utf-8 string.
> 
>  Actually, that truncation is not needed with any correctly working
> implementation of vsnprintf(). Ending zero should be there already,
> and hopefully in right place UTF-8 wise.

Yes, most (all?) implementations of snprintf should truncate.  But it 
will NOT be in the right place utf-8 wise; snprintf knows nothing about 
characters, only bytes.  If truncation happens it'll be on the 50th byte 
regardless of how many characters fit in there or if it gets truncated 
mid-character.

>  But does it makes sense to send such truncated command at all. At
> worst case we execute wrong variant of the command that has different
> versions taking different number of parameters. At best case we are
> just abbreviating something so that server still understands it.

Possibly aborting and giving the user an error message is better, yes.

For *commands* truncation shouldn't be much issue anyway as utf-8 should 
generally not be used (possible exceptions being with player names or 
such).  For chat lines utf-8 would be the standard.  Chat lines are also 
limited (by packet length if nothing else) and thus some form of 
truncation or filtering (discarding too-long lines) is needed.  This may 
be done at the client end (limiting lines to 100 letters for instance, 
in GTK code) but should also be checked before such strings received 
across the network are actually used (glib has a function for checking 
UTF-8 string validity, for instance).

I don't know how much of this has been done, but having written most of 
the encoding code I believe this is probably one area where our checks 
fall short.

-jason



_______________________________________________
Freeciv-dev mailing list
Freeciv-dev@gna.org
https://mail.gna.org/listinfo/freeciv-dev

Reply via email to