From 46d62ec078de6edabc1979dbdbe7d51189cf2143 Mon Sep 17 00:00:00 2001
From: Guillaume Melquiond <guillaume.melquiond@gmail.com>
Date: Fri, 19 Oct 2007 10:14:32 +0000
Subject: Commented a DoS weakness of the browser box.

---
 src/gui/browserbox.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/gui/browserbox.cpp b/src/gui/browserbox.cpp
index 262d9c31..584f2911 100644
--- a/src/gui/browserbox.cpp
+++ b/src/gui/browserbox.cpp
@@ -372,6 +372,10 @@ BrowserBox::draw(gcn::Graphics *graphics)
                 char const *hyphen = "~";
                 int hyphenWidth =  font->getWidth(hyphen);
 
+                /* FIXME: This code layout makes it easy to crash remote
+                   clients by talking garbage. Forged long utf-8 characters
+                   will cause either a buffer underflow in substr or an
+                   infinite loop in the main loop. */
                 do
                 {
                     if (!forced)
-- 
cgit v1.2.3-70-g09d2