Hi Alastair,
On Mon, Oct 28, 2024 at 06:47:52AM +0000, Alastair McKinstry wrote:
> I think going with the Ubuntu solution for now looks like the most pragmatic
> answer.
I think the Ubuntu answer is a latent security issue. As noted on irc,
it can be made safe by also adding a compile time assertion that
sizeof(wchar_t) == sizeof(FriBidiChar).
Consider also adding:
typedef char static_assertion_wchar_size[(sizeof(wchar_t) ==
sizeof(FriBidiChar))?1:-1];
Once you do this, the cast can no longer cause an out-of-bounds access
without failing compilation.
Helmut
