tag 442250 + wontfix
thanks
On Tue, Sep 18, 2007 at 09:48:55PM +0000, sean finney wrote:
> iconv_t
> iconv_open (const char *tocode, const char *fromcode)
> {
> char *tocode_conv;
> char *fromcode_conv;
> size_t tocode_len;
> size_t fromcode_len;
> __gconv_t cd;
> int res;
>
> /* Normalize the name. We remove all characters beside alpha-numeric,
> '_', '-', '/', '.', and ':'. */
> tocode_len = strlen (tocode);
> tocode_conv = (char *) alloca (tocode_len + 3);
> ....
> =====================
>
> so it's not surprising that big strings could end up being problematic...
OTOH the caller should check those are likely charsets. I mean calling
iconv_open with strhings that are longer than a few octets is completely
silly. The longest charset the libc recognize is 22 chars long, 32 if
you append //TRANSLIT to it.
mallocing for that is completly silly, and the caller should do some
basic sanitizing first.
--
·O· Pierre Habouzit
··O madcoder@debian.org
OOO http://www.madism.org
Attachment:
pgphQG2z3Vgis.pgp
Description: PGP signature