From: Jarkko Hietaniemi <jhi@iki.fi>
Date: Mon, 12 Nov 2001 13:11:55 +0000 (+0000)
Subject: Add a note about the dangers of bad UTF-8.
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=bf0fa0b28861f64af680a3c19765ac8a24e4f2bd;p=p5sagit%2Fp5-mst-13.2.git

Add a note about the dangers of bad UTF-8.

p4raw-id: //depot/perl@12953
---

diff --git a/pod/perlunicode.pod b/pod/perlunicode.pod
index 2c9b078..277238e 100644
--- a/pod/perlunicode.pod
+++ b/pod/perlunicode.pod
@@ -742,6 +742,18 @@ is not extensible beyond 0xFFFF, because it does not use surrogates.
 A seven-bit safe (non-eight-bit) encoding, useful if the
 transport/storage is not eight-bit safe.  Defined by RFC 2152.
 
+=head2 Security Implications of Malformed UTF-8
+
+Unfortunately, the specification of UTF-8 leaves some room for
+interpretation of how many bytes of encoded output one should generate
+from one input Unicode character.  Strictly speaking, one is supposed
+to always generate the shortest possible sequence of UTF-8 bytes,
+because otherwise there is potential for input buffer overflow at the
+receiving end of a UTF-8 connection.  Perl always generates the shortest
+length UTF-8, and with warnings on (C<-w> or C<use warnings;>) Perl will
+warn about non-shortest length UTF-8 (and other malformations, too,
+such as the surrogates, which are not real character code points.)
+
 =head2 Unicode in Perl on EBCDIC
 
 The way Unicode is handled on EBCDIC platforms is still rather