Bug 1029 - strupper_m and strlower_m fail to convert correctly for some MB characters
Summary: strupper_m and strlower_m fail to convert correctly for some MB characters
Status: RESOLVED LATER
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Extended Characters (show other bugs)
Version: 3.0.1
Hardware: Other All
: P3 normal
Target Milestone: none
Assignee: Jeremy Allison
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-02-02 00:18 UTC by Shiro Yamada
Modified: 2005-02-07 10:17 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Shiro Yamada 2004-02-02 00:18:59 UTC 
In some MB encodings, there are MB upper/lower characters, and MB chars can be
standardised using strupper_m and strlower_m.

These two functions assume no change in size of string before and after the
conversion, and the buffer size is fixed to the lenght of the string before
the conversion. However, for some encodings like EUCJP-MS, this is not the
case. For some MB chars, the size of the string grow after the strlower_m.

If such a special character appears in a string, then the converted string
would exceed the buffer allocated. It would be terminated before the end,
hence some strings may not be converted properly.
Comment 1 Jeremy Allison 2004-02-10 16:17:23 UTC 
This is non-trivial to fix in Samba 3.0. The buffer size is not passed down to
strupper_m or strlower_m so it's hard to allow arbitrary string
extension in these functions. How do you know where to allow the
zero termination ?

The only safe way to do this is to force an upper bound on strlower_m and
strupper_m of something like a pstring length and ensure all callers have
this amount of space available.

Jeremy.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2005-02-07 10:17:03 UTC 
won't fix this in Samba 3.