pidgin: 661db628: says, "A

Mark Doliner mark at
Thu Nov 5 03:21:15 EST 2009

On Wed, Nov 4, 2009 at 11:25 PM, Richard Laager <rlaager at> wrote:
> On Wed, 2009-11-04 at 17:21 -0500, markdoliner at wrote:
>> says, "All strings in Feedbag are UTF8
>> encoded."  So stop trying to validate stuff as utf8 then salvage when
>> it isn't and just display broken crap or crash.
> This seems like a bad idea. If we can really crash on invalid data, this
> is going to be our next security issue.

Yeah, maybe.  It would only be invalid date in your own roster, which
wouldn't be considered a security issue because it isn't remotely
exploitable (although it would be a nuisance to any person who is
affected).  I wondered if there is some possibility of non-utf8 in an
ICQ friend request, but these changes don't affect that.


More information about the Devel mailing list