Follow-up Comment #4, patch #1582 (project freeciv):
Truncation is fundamentally unavoidable unless we strdup-printf every string
we make everywhere, which isn't going to happen. We can cut down on it by
making buffers sufficiently long.
ATM there is an issue with MAX_LEN_NAME. This is supposed to limit city
names, for instance, at 32 characters. Instead it limits then at 32 bytes
which is incorrect. Most places which use it should instead use a longer or
malloc'd buffer, and use fc_utf8_strlen() to make sure the name isn't too
long.
The server should use utf-8 validation on all strings received from the
client, or read from ruleset or savegame. The client should if possible use
utf-8 validation on strings received from the server. How to handle invalid
strings may depend on the situation; in most cases they can just be
truncated.
Having said that, I'm not too sure of the interface pepeto is presenting.
* How do we know just because a character is 4 bytes long that bytes 2-4 are
valid? Does UTF-8 allow any byte sequence in here? What about malicious
chats from the client?
* Casts should not be needed in passing values to these functions. Doing so
is a sign the parameters used are not right. In fact I think one such case
is quite wrong.
* Each function provided should do everything that it needs to.
Specifically, fc_utf8_char_size is not a useful function in its current form
(except for internal usage).
* Are we sure that using these variants everywhere is easier than converting
all freeciv to wide characters?
_______________________________________________________
Reply to this item at:
<http://gna.org/patch/?1582>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
_______________________________________________
Freeciv-dev mailing list
[email protected]
https://mail.gna.org/listinfo/freeciv-dev
