decode_utf8: add an enumeration of failure reasons.

Now you can optionally get back an enum value indicating whether the character was successfully decoded, or whether U+FFFD was substituted due to some kind of problem, and if the latter, what problem. For a start, this allows distinguishing 'real' U+FFFD (encoded legitimately in the input) from one invented by the decoder. Also, it allows the recipient of the decode to treat failures differently, either by passing on a useful error report to the user (as utf8_unknown_char now does) or by doing something special. In particular, there are two distinct error codes for a truncated UTF-8 encoding, depending on whether it was truncated by the end of the input or by encountering a non-continuation byte. The former code means that the string is not legal UTF-8 _as it is_, but doesn't rule out it being a (bytewise) prefix of a legal UTF-8 string - so if a client is receiving UTF-8 data a byte at a time, they can treat that error code specially and not make it a fatal error.
2025-07-17 11:00:59 -05:00 · 2023-02-17 16:39:09 +00:00
parent 9d308b39da
commit 9e01de7c2b
6 changed files with 147 additions and 45 deletions
--- a/utils/decode_utf8_to_wchar.c
+++ b/utils/decode_utf8_to_wchar.c
@ -5,10 +5,11 @@
 #include "putty.h"
 #include "misc.h"

-size_t decode_utf8_to_wchar(BinarySource *src, wchar_t *out)
+size_t decode_utf8_to_wchar(BinarySource *src, wchar_t *out,
+                            DecodeUTF8Failure *err)
 {
    size_t outlen = 0;
-    unsigned wc = decode_utf8(src);
+    unsigned wc = decode_utf8(src, err);
    if (sizeof(wchar_t) > 2 || wc < 0x10000) {
        out[outlen++] = wc;
    } else {