- edited description
some filesystem(cd9660,ntfs,udf) accepts redundant UTF-8
Issue #22
closed
RFC3629 added following Security consideration:
Security may also be impacted by a characteristic of several character encodings, including UTF-8: the "same thing" (as far as a user can tell) can be represented by several distinct character sequences.
but our UTF-8 -> UCS implementation for filesystem is too old to check redundant byte sequence.
Comments (6)
-
reporter -
reporter - edited description
-
reporter - changed title to some filesystem(cd9660,ntfs,udf) accepts redundant UTF-8
src/sys/fs/unicode.[ch] is correctly checking redundant utf8 byte sequence, it is not vulnerable, no fix is needed.
-
reporter - changed status to resolved
done, HFS+ is not affected this problem.
-
reporter BUGFIX: Issue
#22-- some filesystem(cd9660,ntfs,udf) accepts redundant UTF-8.→ <<cset d52f113eadb6>>
-
reporter - changed status to closed
- Log in to comment