Ver código fonte

libbb: @ in "\x3@" is not a valid hex digit

function                                             old     new   delta
bb_process_escape_sequence                           134     141      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko 6 anos atrás
pai
commit
480c7e5dfb
1 arquivos alterados com 10 adições e 2 exclusões
  1. 10 2
      libbb/process_escape_sequence.c

+ 10 - 2
libbb/process_escape_sequence.c

@@ -41,8 +41,16 @@ char FAST_FUNC bb_process_escape_sequence(const char **ptr)
 		unsigned d = (unsigned char)(*q) - '0';
 #else
 		unsigned d = (unsigned char)_tolower(*q) - '0';
-		if (d >= 10)
-			d += ('0' - 'a' + 10);
+		if (d >= 10) {
+			//d += ('0' - 'a' + 10);
+			/* The above would maps 'A'-'F' and 'a'-'f' to 10-15,
+			 * however, some chars like '@' would map to 9 < base.
+			 * Do not allow that, map invalid chars to N > base:
+			 */
+			d += ('0' - 'a');
+			if ((int)d >= 0)
+				d += 10;
+		}
 #endif
 		if (d >= base) {
 			if (WANT_HEX_ESCAPES && base == 16) {