Add clarifying comment on use of MultiByteToWideChar() and CP_ACP Signed-off-by: Simon Butcher <simon.butcher@arm.com>

commit: 35e5dad8653b2221898a5f0f4c96e918ead7c9a8 [log] [tgz]
author: Simon Butcher <simon.butcher@arm.com> Thu Mar 15 15:00:03 2018 +0000
committer: Minos Galanakis <minos.galanakis@arm.com> Mon Sep 25 14:12:21 2023 +0100
tree: 0eadabbe9bedfead91e72c9d1d21170e4c3870e0
parent: bcb6cfb13d423a208f9a9358863ca227c35be67f [diff] [blame]
diff --git a/library/x509_crt.c b/library/x509_crt.c
index f73e215..2ad051f 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -1573,6 +1573,14 @@
     if (FAILED (SizeTToInt(len, &lengthAsInt)))
         return(MBEDTLS_ERR_X509_FILE_IO_ERROR);
 
+    /*
+     * Note this function uses the code page CP_ACP, and assumes the incoming
+     * string is encoded in ANSI, before translating it into Unicode. If the
+     * incoming string were changed to be UTF-8, then the length check needs to
+     * change to check the number of characters, not the number of bytes, in the
+     * incoming string are less than MAX_PATH to avoid a buffer overrun with
+     * MultiByteToWideChar().
+     */
     w_ret = MultiByteToWideChar(CP_ACP, 0, filename, (int) len, szDir,
                                 MAX_PATH - 3);
     if (w_ret == 0) {
commit	35e5dad8653b2221898a5f0f4c96e918ead7c9a8	[log] [tgz]
author	Simon Butcher <simon.butcher@arm.com>	Thu Mar 15 15:00:03 2018 +0000
committer	Minos Galanakis <minos.galanakis@arm.com>	Mon Sep 25 14:12:21 2023 +0100
tree	0eadabbe9bedfead91e72c9d1d21170e4c3870e0
parent	bcb6cfb13d423a208f9a9358863ca227c35be67f [diff] [blame]