On Sat, 2019-02-23 at 23:36 +0000, mabri--- via Podofo-svn wrote:
> Revision: 1969
>           http://sourceforge.net/p/podofo/code/1969
> Author:   mabri
> Date:     2019-02-23 23:36:10 +0000 (Sat, 23 Feb 2019)
> Log Message:
> -----------
> Fix heap-buffer-overflow in PdfString::ConvertUTF16toUTF8

        Hi,
If I look at this change properly (there are always chances I do not),
then it's wrong.

First of all, it should not invent its own conventions. See for example
the manual page for wcstombs, it would be really better to follow some
standard, when the function is more or less the same pattern.

Second, the changed behavior can cause issues in already existing code.
Imagine some code expects the return value will never be larger than
the allocated buffer, just like PdfString::InitUtf8() does. It was a
perfectly valid expectation until now. After this change, any existing
code can cause a write out of buffer bounds. That's another reason to
follow the first point.

One unrelated thing, from r1970: mabri, if you add some comments which
the author of the change didn't have and they are more or less "for
you", then claim that it's your comment, like sign there yourself. Yes,
you have it in the commit message and there are tools like `svn blame`,
but you claim there "IMO at least", but there's no context that it's
you, not the commit author or anyone who can change the comment and
break the `svn blame` into several tries. I do not think that commit
messages are the place for personal opinions, really. See how Dom, the
PoDoFo maintainer, writes the commit messages. There is some pattern
the project has used for years.
        Bye,
        zyx



_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
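
The return-value concern raised in the message above, as an added example (not part of the email and not PoDoFo's code): a hypothetical converter exposed under both return conventions, with a caller that checks the result against the buffer size before using it as a length. All function names and the sample input are assumptions, and only BMP characters are handled.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// Constructed sample: UTF-16 code units for "Zoë €" (8 bytes as UTF-8).
static const uint16_t kSample[] = {0x5A, 0x6F, 0xEB, 0x20, 0x20AC};

// Hypothetical converter, not PoDoFo's code. BMP code units only (no
// surrogate pairs). Copies whole characters while they fit in `cap`;
// returns bytes written and stores the full required length in *needed.
static size_t convert(const uint16_t* in, size_t n, char* out, size_t cap, size_t* needed) {
    size_t written = 0; *needed = 0;
    bool full = false;
    for (size_t i = 0; i < n; ++i) {
        const uint16_t c = in[i];
        char tmp[3]; size_t len;
        if (c < 0x80)       { tmp[0] = char(c); len = 1; }
        else if (c < 0x800) { tmp[0] = char(0xC0 | (c >> 6));
                              tmp[1] = char(0x80 | (c & 0x3F)); len = 2; }
        else                { tmp[0] = char(0xE0 | (c >> 12));
                              tmp[1] = char(0x80 | ((c >> 6) & 0x3F));
                              tmp[2] = char(0x80 | (c & 0x3F)); len = 3; }
        if (!full && written + len <= cap) { std::memcpy(out + written, tmp, len); written += len; }
        else full = true;   // stop copying, keep counting
        *needed += len;
    }
    return written;
}

// Convention A (wcstombs-like): the result never exceeds `cap`.
size_t conv_written(const uint16_t* in, size_t n, char* out, size_t cap) {
    size_t needed; return convert(in, n, out, cap, &needed);
}
// Convention B: the result is the required length and may exceed `cap`.
size_t conv_needed(const uint16_t* in, size_t n, char* out, size_t cap) {
    size_t needed; convert(in, n, out, cap, &needed); return needed;
}
// Caller that stays in bounds under convention B: the result is compared
// with the buffer size before it is ever used as a length or an index.
std::string to_utf8(const uint16_t* in, size_t n, size_t initial_cap) {
    std::vector<char> buf(initial_cap);
    size_t r = conv_needed(in, n, buf.data(), buf.size());
    if (r > buf.size()) {   // a requirement, not a count: grow and redo
        buf.resize(r);
        r = conv_needed(in, n, buf.data(), buf.size());
    }
    return std::string(buf.data(), r);
}
```

With a 4-byte buffer the two conventions return 4 and 8 for the same input; a caller written for the first and handed the second would use 8 as a length into a 4-byte buffer unless it performs the comparison shown in `to_utf8`.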
