On Sat, 2019-02-23 at 23:36 +0000, mabri--- via Podofo-svn wrote:
> Revision: 1969
> http://sourceforge.net/p/podofo/code/1969
> Author: mabri
> Date: 2019-02-23 23:36:10 +0000 (Sat, 23 Feb 2019)
> Log Message:
> -----------
> Fix heap-buffer-overflow in PdfString::ConvertUTF16toUTF8

Hi,

if I look at this change properly (there is always a chance I do not), then it's wrong.

First of all, it should not invent its own conventions. See for example the manual page for wcstombs; it would be really better to follow some standard when the function is more or less the same pattern.

Second, the changed behavior can cause issues in already existing code. Imagine some code expects the return value will never be larger than the allocated buffer, just like PdfString::InitUtf8() does. It was a perfectly valid expectation until now. After this change, any existing code can cause a write out of buffer bounds. That's another reason to follow the first point.

One unrelated thing, from r1970: mabri, if you add some comments which the author of the change didn't have and they are more or less "for you", then claim that it's your comment, like sign there yourself. Yes, you have it in the commit message and there are tools like `svn blame`, but you claim there "IMO at least", but there's no context that it's you, not the commit author or anyone who can change the comment and break the `svn blame` into several tries.

I do not think that commit messages are the place for personal opinions, really. See how Dom, the PoDoFo maintainer, writes the commit messages. There is some pattern the project has used for years.

Bye,
zyx

_______________________________________________
Podofo-users mailing list
Podofo-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/podofo-users
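
The two return-value conventions contrasted in the message above, as an added example that is not part of the original mail and is not PoDoFo code. `convert_required` and `terminate_checked` are hypothetical names, and the input string is constructed; the point is that a caller which uses the returned length as an index is only safe under the wcstombs contract unless it checks the value against the real buffer size.

```c
#include <stddef.h>
#include <stdlib.h>
#include <wchar.h>

/* Constructed sample input: ASCII only, so it converts in the default "C" locale. */
static const wchar_t SAMPLE[] = L"heap-buffer-overflow";   /* 20 characters */

/* wcstombs contract: writes at most cap bytes and returns the number of
 * bytes written, so the result is always <= cap (or (size_t)-1 on error). */
size_t convert_bounded(char *dst, size_t cap)
{
    return wcstombs(dst, SAMPLE, cap);
}

/* Hypothetical converter (assumption, not PoDoFo code): also writes at most
 * cap bytes, but returns the length the complete output would need. */
size_t convert_required(char *dst, size_t cap)
{
    size_t need = wcslen(SAMPLE);
    size_t n = need < cap ? need : cap;
    for (size_t i = 0; i < n; i++)
        dst[i] = (char)SAMPLE[i];
    return need;
}

/* Caller-side guard: use ret as an index only after checking it against the
 * real buffer size. This rejects an oversized length and (size_t)-1 alike.
 * Returns 0 if the result fit, -1 if it was truncated or the call failed. */
int terminate_checked(char *buf, size_t bufsize, size_t ret)
{
    if (bufsize == 0)
        return -1;
    if (ret >= bufsize) {
        buf[bufsize - 1] = '\0';   /* terminate inside the buffer */
        return -1;
    }
    buf[ret] = '\0';
    return 0;
}
```

With a 9-byte buffer and `cap` of 8, an unchecked `buf[ret] = '\0'` is in bounds for the value `convert_bounded` returns but would write 11 bytes past the buffer end for the value `convert_required` returns.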