Commented a DoS weakness of the browser box.

author: Guillaume Melquiond <guillaume.melquiond@gmail.com> 2007-10-19 10:14:32 +0000
committer: Guillaume Melquiond <guillaume.melquiond@gmail.com> 2007-10-19 10:14:32 +0000
commit: 46d62ec078de6edabc1979dbdbe7d51189cf2143 (patch)
tree: 025295ff68fcd60e3f83fb7b90a34cf4033a4e39 /src
parent: 7965fc105191a74a9b8c26ee8b646c7394434a9a (diff)
download: mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.tar.gz
mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.tar.bz2
mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.tar.xz
mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/gui/browserbox.cpp b/src/gui/browserbox.cpp
index 262d9c31..584f2911 100644
--- a/src/gui/browserbox.cpp
+++ b/src/gui/browserbox.cpp
@@ -372,6 +372,10 @@ BrowserBox::draw(gcn::Graphics *graphics)
                 char const *hyphen = "~";
                 int hyphenWidth =  font->getWidth(hyphen);
 
+                /* FIXME: This code layout makes it easy to crash remote
+                   clients by talking garbage. Forged long utf-8 characters
+                   will cause either a buffer underflow in substr or an
+                   infinite loop in the main loop. */
                 do
                 {
                     if (!forced)
author	Guillaume Melquiond <guillaume.melquiond@gmail.com>	2007-10-19 10:14:32 +0000
committer	Guillaume Melquiond <guillaume.melquiond@gmail.com>	2007-10-19 10:14:32 +0000
commit	46d62ec078de6edabc1979dbdbe7d51189cf2143 (patch)
tree	025295ff68fcd60e3f83fb7b90a34cf4033a4e39 /src
parent	7965fc105191a74a9b8c26ee8b646c7394434a9a (diff)
download	mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.tar.gz mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.tar.bz2 mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.tar.xz mana-client-46d62ec078de6edabc1979dbdbe7d51189cf2143.zip