Another g_markup_escape_text Vulnerability

Ethan Blanton elb at pidgin.im
Fri May 4 23:17:13 EDT 2012


Elliott Sales de Andrade spake unto us the following wisdom:
> > - If msg->charset is set to something other than UTF-8 and
> > g_convert(msg->charset to UTF-8) fails and g_convert(ISO-8859-1 to
> > UTF-8) fails
> >
> 
> Is it even possible for ISO-8859-1->UTF-8 conversion to fail? I thought all
> bytes are valid ISO-8859-1 and there are no multi-byte characters. I tried
> converting a buffer of 255-0 which did not induce an error.

Not on any sane system, no.  That isn't to say there are no systems
out there that violate this.  ;-)

Ethan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: Digital signature
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20120504/4c710fc4/attachment.pgp>


More information about the security mailing list