GNOME Bugzilla – Bug 346856
xmlCharEncOutFunc returns -3 when trying to convert 1024 Chars from UTF8 to WCHAR_T (32bit)
Last modified: 2021-07-05 13:20:41 UTC
Please describe the problem: The problem occures in xmlCharEncOutFunc when you have a String with exactly 1024 chars (8bit) and you try to convert it with Handler "WCHAR_T". Here is the code-location where it happens: if (toconv * 2 >= written) { xmlBufferGrow(out, toconv * 2); written = out->size - out->use - 1; } toconv has a value of 1024, multiplied by 2 is 2048 written has a value of 4095. This value comes from the initial output buffer size (4096) minus 1 Because 2048 is less than 4095 the code is the opinion, that is doesn't have to increase the output buffer. But the truth is, that the code should multiply the incoming size of 1024 by 4 (4 Byte = 32bit) to determine whether it should resize the buffer Steps to reproduce: char szBuffer[1025]; memset(szBuffer, 'A', 1024); szBuffer[1024] = 0; xmlCharEncodingHandlerPtr handler = xmlFindCharEncodingHandler("WCHAR_T"); xmlBufferPtr outBuffer = xmlBufferCreate(); xmlBufferPtr inBuffer = xmlBufferCreateStatic(szBuffer, 1024); xmlCharEncOutFunc(handler, outBuffer, 0); xmlCharEncOutFunc(handler, outBuffer, inBuffer); Actual results: xmlCharEncOutFunc returns -3 Expected results: a correct conversion of the 1024 chars Does this happen every time? yes Other information:
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/libxml2/-/issues/ Thank you for your understanding and your help.