At 10:10 PM +0900 10/14/02, Soobok Lee wrote: >Most applications programmer have been reserving 256 bytes for any LDH >FQDN buffer space .
It is amazingly arrogant for anyone to make statements about "most applications programmer". >But that convention should be changed to cover the cases of long utf8 >IDN FQDN which may be >3 or 4 times longer than 256 octets. Why just UTF8? Why not UTF16? Or GB? Or ... ? >If this warning is neglected by application programmers, >some remote malicious crackers will send to users' applications long ACE >IDNs manufactured to >cause buffer overflow errors when toUnicoded and seaze control of the >machine. Oh, come on. Step 6 of ToUnicode is exactly two words long. Which one of those two words do you think that other applications programmers will not understand? --Paul Hoffman, Director --Internet Mail Consortium
