diff options
author | Stephen Dolan <mu@netsoc.tcd.ie> | 2012-09-18 23:45:30 +0100 |
---|---|---|
committer | Stephen Dolan <mu@netsoc.tcd.ie> | 2012-09-18 23:45:30 +0100 |
commit | 134b062be7cf2b62d0e69772836e6312fd9e60d5 (patch) | |
tree | 2ca34f9100509bc7303cfcde9dd7ddad7f222aeb | |
parent | 3898f744dc624782ce21ef287b452183425154eb (diff) |
Fix a parsing bug for \uXXXX escapes (some invalid escapes were accepted).
Found by gcc -O -Wall identifying a use of uninitialised variables.
-rw-r--r-- | jv_parse.c | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -155,6 +155,7 @@ static int unhex4(char* hex) { if ('0' <= c && c <= '9') n = c - '0'; else if ('a' <= c && c <= 'f') n = c - 'a' + 10; else if ('A' <= c && c <= 'F') n = c - 'A' + 10; + else return -1; r <<= 4; r |= n; } @@ -186,7 +187,10 @@ static pfunc found_string(struct jv_parser* p) { /* ahh, the complicated case */ if (in + 4 > end) return "Invalid \\uXXXX escape"; - unsigned long codepoint = unhex4(in); + int hexvalue = unhex4(in); + if (hexvalue < 0) + return "Invalid characters in \\uXXXX escape"; + unsigned long codepoint = (unsigned long)hexvalue; in += 4; if (0xD800 <= codepoint && codepoint <= 0xDBFF) { /* who thought UTF-16 surrogate pairs were a good idea? */ |