ObjFW  View Ticket

Currently, OFString does not reject a \0 within the string. However, OFStrings often get passed as C strings. Therefore, either one of the following should be done:

• Audit all occurrences where an OFString is passed as a C string.
• Truncate the length to the first occurrence of \0.
• Extend the current string checking code to reject \0 in there if a length has been specified.
  • If no length has been specified, it cannot be longer until the \0 anyway.
  • A good place for this would be in the code that checks whether the passed string is valid UTF-8, to avoid going through the same string twice.
    • This means strings of another encoding need to check for \0 during their conversion to UTF-8, as UTF-8 is not validated there since it was just converted and hence assumed correct.

The first option probably doesn't scale, as there are many places where an OFString is passed as a C string and doesn't cover where this is being done outside of ObjFW. So this would be a potential foot gun for users.

The second option might be unexpected and lead to bugs, because the user has just specified a length for the string to create, but the just created string has a different length.

Therefore, the third option probably makes most sense.

Another option is to allow 0 in strings, but throw an OFInvalidEncodingException for any method that returns a 0 terminated string. This is probably the best option.

Implemented in 6fbc3b18c7.

Further tests will be added later, but for now, this is tested via the JSON tests.