On 11/22/23 17:30, Gerd Hoffmann wrote:
> Hi,
>
>> - in general, we should filter out surrogate code points, for any use.
>> any UCS2 string from the guest that contains a surrogate code point
>> should be considered invalid, and the request should be rejected based
>> just on that.
>
> Something like this?
yes please (except I'd recommend s/outlaw/reject/ in the comment)
Thanks
laszlo
>
> edk2 seems to be inconsistent with strings, sometimes they are expected
> to include a terminating '\0' char (most of the time), sometimes not
> (in variable policies for example).
>
> gboolean uefi_str_is_valid(const uint16_t *str, size_t len,
> gboolean must_be_null_terminated)
> {
> size_t pos = 0;
>
> for (;;) {
> if (pos == len) {
> if (must_be_null_terminated) {
> return false;
> } else {
> return true;
> }
> }
> switch (str[pos]) {
> case 0:
> /* end of string */
> return true;
> ;;
> case 0xd800 ... 0xdfff:
> /* outlaw surrogates */
> return false;
> default:
> /* char is good, check next */
> break;
> }
> pos++;
> }
> }
>
> take care,
> Gerd
>
