perl-unicode
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Unicode 3.0.1 fixes UTF-8 spec security problem

2000-12-05 05:29:36
from [Markus Kuhn] [Permanent Link] 
Finally: The Unicode 3.0.1 standard changes the definition of UTF-8 such
that overlong sequences must be signalled as an error condition by a
conforming decoder, which is what we had recommended anyway for a long
time for security reasons:

  http://www.unicode.org/unicode/uni2errata/UTF-8_Corrigendum.html

Please check all your decoders. Test cases are on:

  http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt

Markus

-- 
Markus G. Kuhn, Computer Laboratory, University of Cambridge, UK
Email: mkuhn at acm.org,  WWW: <http://www.cl.cam.ac.uk/~mgk25/>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Unicode 3.0.1 fixes UTF-8 spec security problem, Markus Kuhn <=
Previous by Date:  Re: perl(_at_)7979, Philip Newton
Next by Date:  Re: Cyrillic and Unicode, Markus Kuhn
Previous by Thread:  Re: perl(_at_)7979, Philip Newton
Next by Thread:  Picu: Perl wrappers for ICU, bstell
Indexes:  [Date] [Thread] [Top] [All Lists]