Changeset 654

Timestamp:

Aug 6, 2006 2:11:52 PM (18 years ago)

Author:

bennylp

Message:

Change unescaping function in scanner and string.c to NOT unescape when '%' is not followed by hex digits.

Location:

pjproject/trunk/pjlib-util/src/pjlib-util

Files:

• scanner.c (modified) (1 diff)
• string.c (modified) (1 diff)

pjproject/trunk/pjlib-util/src/pjlib-util/scanner.c

@@ -304 +304 @@
     do {
         if (*s == '%') {
-            if (s+3 <= scanner->end) {
-                /* This doesn't check if the hex digits are valid.
-                 * If they dont' it will produce garbage characters, but
-                 * no harm is done to the application (e.g. no illegal
-                 * memory access.
-                 */
+            if (s+3 <= scanner->end && pj_isxdigit(*(s+1)) && 
+                pj_isxdigit(*(s+2))) 
+            {
                 *dst = (pj_uint8_t) ((pj_hex_digit_to_val(*(s+1)) << 4) +
                                       pj_hex_digit_to_val(*(s+2)));

pjproject/trunk/pjlib-util/src/pjlib-util/string.c

@@ -35 +35 @@
 
     while (src != end) {
-        if (*src == '%' && src < end-2) {
+        if (*src == '%' && src < end-2 && pj_isxdigit(*(src+1)) && 
+            pj_isxdigit(*(src+2))) 
+        {
             *dst = (pj_uint8_t) ((pj_hex_digit_to_val(*(src+1)) << 4) + 
                                  pj_hex_digit_to_val(*(src+2)));