GNOME Bugzilla – Bug 666803
g_utf8_validate() fails to validate strings with known size
Last modified: 2011-12-24 15:08:43 UTC
g_utf8_validate() documentation claims that max_length is the number of _bytes_ to validate. Documentation also says that g_utf8_validate() will fail if it encounters NULL _before_ max_length bytes are read. However, it ALSO fails if it encounters NULL _at_ the (max_length-1)th byte. The code responsible is:

    if ((max_len >= 0 && p != str + max_len) || (max_len < 0 && *p != '\0'))
      return FALSE;

Note that fast_validate_len() returns a pointer to the last byte it read (which is either the (max_len - 1)th byte OR NULL, whichever comes first). However, the test fails if p != str + max_len. "str + max_len" is equivalent to str[max_len], that is, it goes beyond the size of the buffer (which is max_len), thinking that max_len is the length of the string, which is not true.

This, obviously, doesn't affect applications that use -1 for max_len, or that pass strlen(str) as max_len.

How to fix: check for (p != str + max_len - 1)
Created attachment 204177: A test program that illustrates the point.
After discussion on IRC, we clarified the syntax of the documentation in http://git.gnome.org/browse/glib/commit/?id=c4fc2584241dadeedee7b21bd24ca5708d6318e8 to be clearer about the fact that this is the intended behavior.
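The contract discussed above, as an added stand-alone model (not GLib's code and not the reporter's attachment): a deliberately simplified UTF-8 scanner (hypothetical `scan_utf8`) stands in for fast_validate_len(), and `model_utf8_validate` applies the exact end-pointer test quoted in the report, so the effect of passing sizeof(buffer) versus strlen(buffer) or -1 for a NUL-terminated string can be seen directly.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for fast_validate_len(): a simplified structural
 * UTF-8 scan (lead byte + continuation bytes only; no overlong/surrogate
 * checks). Consumes at most max_len bytes, or stops at NUL when max_len < 0,
 * and returns a pointer to the first byte it did not consume. */
static const char *scan_utf8(const char *str, long max_len)
{
    const unsigned char *p = (const unsigned char *)str;
    const unsigned char *end = max_len < 0 ? NULL : p + max_len;

    while ((end == NULL || p < end) && *p != '\0') {
        int need, i;
        if (*p < 0x80)                               need = 0;
        else if ((*p & 0xE0) == 0xC0 && *p >= 0xC2)  need = 1;
        else if ((*p & 0xF0) == 0xE0)                need = 2;
        else if ((*p & 0xF8) == 0xF0 && *p <= 0xF4)  need = 3;
        else break;                                  /* invalid lead byte */
        if (end != NULL && p + need >= end) break;   /* sequence crosses limit */
        for (i = 1; i <= need && (p[i] & 0xC0) == 0x80; i++)
            ;
        if (i <= need) break;                        /* bad continuation byte */
        p += need + 1;
    }
    return (const char *)p;
}

/* Model of g_utf8_validate(): the final test is the one quoted in the
 * report, so a NUL at byte max_len-1 leaves p == str + max_len - 1 and
 * the call returns false, exactly as the documented contract says. */
bool model_utf8_validate(const char *str, long max_len, const char **end)
{
    const char *p = scan_utf8(str, max_len);
    if (end != NULL) *end = p;
    if ((max_len >= 0 && p != str + max_len) || (max_len < 0 && *p != '\0'))
        return false;
    return true;
}

int main(void)
{
    /* Constructed input: a NUL-terminated string in a 4-byte buffer. */
    static const char buf[4] = "abc";
    printf("sizeof(buf)=4 -> %d\n", model_utf8_validate(buf, sizeof buf, NULL)); /* 0 */
    printf("strlen(buf)=3 -> %d\n", model_utf8_validate(buf, strlen(buf), NULL)); /* 1 */
    printf("-1           -> %d\n", model_utf8_validate(buf, -1, NULL));          /* 1 */
    return 0;
}
```

For a buffer of known size that is not NUL-terminated, max_len must be the exact number of valid bytes; for a NUL-terminated string, pass strlen() or -1, never the buffer size.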