A runtime sometimes converts string arguments (or string returns) from WTF-16 to UTF-16 between functions in a call stack. Is this a security concern?
Suppose that we have this code (in TypeScript syntax):
function one(str: string): string {
// do something with the string
return str
}
function two() {
let s = getSomeString() // returns some unknown string that may contain surroga… Continue reading A runtime sometimes converts string arguments (or string returns) from WTF-16 to UTF-16 between functions in a call stack. Is this a security concern?