...
The length of the new String is a function of the charset, and hence may not be equal to the length of the byte array. The behavior of this constructor when the given bytes are not valid in the given charset is unspecified.
This guideline falls under EX0 of guideline "FIO11-J. Do not attempt to read raw binary data as character data." Also see the related guideline "FIO02-J. Keep track of bytes read and account for character encoding while reading data" for more information.
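The following added example (not part of the original guideline) shows both points from the API text quoted above: the same bytes yield strings of different lengths under different charsets, and a strict CharsetDecoder rejects invalid bytes instead of leaving the outcome to unspecified constructor behavior. The class name StrictDecode, the helper decodeStrict, and the sample bytes are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.CharacterCodingException;
import java.nio.charset.Charset;
import java.nio.charset.CodingErrorAction;
import java.nio.charset.StandardCharsets;

public class StrictDecode {
    // Hypothetical helper: decode bytes in the given charset and throw on
    // malformed or unmappable input rather than silently accepting it.
    static String decodeStrict(byte[] data, Charset cs) throws CharacterCodingException {
        return cs.newDecoder()
                 .onMalformedInput(CodingErrorAction.REPORT)
                 .onUnmappableCharacter(CodingErrorAction.REPORT)
                 .decode(ByteBuffer.wrap(data))
                 .toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: text with two non-ASCII characters, encoded
        // as UTF-8, so the byte count exceeds the character count.
        byte[] utf8 = "caf\u00e9 \u20ac".getBytes(StandardCharsets.UTF_8);

        // Same bytes, two charsets. ISO-8859-1 maps every byte to one char,
        // so its result is longer than the UTF-8 decode and is not the
        // text that was originally encoded.
        String asUtf8 = new String(utf8, "UTF-8");
        String asLatin1 = new String(utf8, "ISO-8859-1");
        System.out.println("bytes=" + utf8.length
                + " utf8Chars=" + asUtf8.length()
                + " latin1Chars=" + asLatin1.length());

        // Constructed invalid input: 0xC3 starts a two-byte UTF-8 sequence
        // but is followed by an ASCII byte instead of a continuation byte.
        byte[] invalid = { 'a', (byte) 0xC3, 'b' };
        try {
            decodeStrict(invalid, StandardCharsets.UTF_8);
            System.out.println("decoded without error");
        } catch (CharacterCodingException e) {
            // The strict decoder reports the problem, so the caller can
            // reject the input explicitly.
            System.out.println("rejected invalid input: " + e);
        }
    }
}
```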
...
Search for vulnerabilities resulting from the violation of this guideline on the CERT website.
Bibliography
[Encodings 2006]
...