Project

General

Profile

Bug #71

passwords using non-ascii

Added by Jason Pyeron almost 5 years ago. Updated almost 5 years ago.

Status:
New
Priority:
High
Assignee:
-
Target version:
-
Start date:
01/02/2015
Due date:
% Done:

0%


Description

most input methods support non-ascii, typically in the form of unicode.

further most APIs expect unicode data in the form of UTF8 ot UTF16

There is a consistent inconsistency in the code as to the use of 8bit and 16bit characters (no use of 32bit) and free love exchanges between them. This creaes weaknesses and vulnerabilities.

http://stackoverflow.com/questions/10766838/converting-file-in-utf-8-to-utf-16

all user input data structures & APIs should be standardized to UTF8 (or something else).

History

#1 Updated by Jason Pyeron almost 5 years ago

Fix VerifyPasswordAndUpdate2 to use unicode

Also available in: Atom PDF