| Summary: | SDL_iconv_string doesn't properly signal an error with invalid input sizes | ||
|---|---|---|---|
| Product: | SDL | Reporter: | Simon Hug <chli.hug> |
| Component: | *don't know* | Assignee: | Sam Lantinga <slouken> |
| Status: | ASSIGNED --- | QA Contact: | Sam Lantinga <slouken> |
| Severity: | normal | ||
| Priority: | P2 | ||
| Version: | HG 2.0 | ||
| Hardware: | All | ||
| OS: | All | ||
| Attachments: | A little test case for wrong usage of SDL_iconv_string. | ||
I agree this should be fixed, but I'd like to research what different platforms do in this case, and it doesn't need to hold up 2.0.6.
Created attachment 2869: A little test case for wrong usage of SDL_iconv_string.

SDL_iconv_string can return without encoding all characters and then doesn't signal that an error happened, like returning NULL. This only seems to be possible if the user makes a mistake and calculates the size of the string wrong. The SDL implementation of iconv may throw SDL_ICONV_EINVAL in that case and SDL_iconv_string essentially just exits with the unfinished string.

SDL is not responsible for user error, but I think it should signal that something went wrong. If the last character is expected to be a terminating zero and it is missing, well... we all know what kind of bugs that leads to. Since SDL_iconv_string allocates plenty of memory, I also propose that it always adds a terminating zero at the end.

The attached program converts a string four times and dumps the memory. I did not test any iconv implementations outside of SDL yet. I'm guessing it's also a problem there.
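The behaviour proposed in the report (return NULL on unconverted input, always write a terminator), sketched as an added example that is not SDL's code and not the attached test case. It assumes POSIX iconv(3) in place of SDL_iconv; the helper name `strict_iconv_string` and the UTF-8 to UCS-4LE sample are hypothetical.

```c
#include <errno.h>
#include <iconv.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not an SDL function: convert all of `in` or fail.
 * Returns a malloc'd buffer followed by four zero bytes, or NULL when any
 * input was left unconverted (EINVAL: truncated sequence, EILSEQ: invalid). */
char *strict_iconv_string(const char *tocode, const char *fromcode,
                          const char *in, size_t inbytes, size_t *outbytes)
{
    iconv_t cd = iconv_open(tocode, fromcode);
    if (cd == (iconv_t)-1) return NULL;
    size_t cap = inbytes * 4 + 16, used = 0, srcleft = inbytes;
    char *out = malloc(cap + 4);           /* +4: room for the terminator */
    char *src = (char *)in;                /* iconv() only reads the input */
    int failed = (out == NULL), flushing = 0;

    while (!failed) {
        char *dst = out + used;
        size_t dstleft = cap - used;
        size_t rc = flushing ? iconv(cd, NULL, NULL, &dst, &dstleft)
                             : iconv(cd, &src, &srcleft, &dst, &dstleft);
        used = cap - dstleft;
        if (rc != (size_t)-1) {
            if (flushing)
                break;                     /* input consumed, state flushed */
            flushing = 1;
        } else if (errno == E2BIG) {       /* output full: grow and retry */
            char *bigger = realloc(out, cap * 2 + 4);
            if (bigger) { out = bigger; cap *= 2; } else failed = 1;
        } else {
            failed = 1;                    /* do not return a partial string */
        }
    }
    iconv_close(cd);
    if (failed) { free(out); return NULL; }
    memset(out + used, 0, 4);              /* always terminate */
    if (outbytes) *outbytes = used;
    return out;
}

int main(void)
{   /* constructed input "hé"; length 2 cuts the last character in half */
    char *bad = strict_iconv_string("UCS-4LE", "UTF-8", "h\xc3\xa9", 2, NULL);
    int got_partial = (bad != NULL);
    free(bad);
    return got_partial;                    /* exit status 0: error was reported */
}
```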