Details
Description
The SERCOS specification allows an IDN name length of 60 visible characters as maximum. Since the characters are UTF8 coded, these may have a length of 1-4 bytes. That means that the maximum bytes length of the IDN name is 240 bytes. The stack only rejects names with bytes length bigger than 240 bytes. But no checking is done about the real characters number or the string validity.
Correct behavior:
- IDN name bytes bigger than 240 bytes -> Error
- IDN name characters number bigger than 60 visible UTF8 characters -> Error
- IDN name string with invalid characters (UTF8 not conform) -> Error
The last 2 checks have to be implemented for the services SIII_SL_IDN_CMD_CREATE_IDN_REQ and SIII_SL_IDN_CMD_SET_IDN_NAME_REQ.