[PATCH 2/8] hex-escape: be more strict about the format while decoding
Jani Nikula
jani at nikula.org
Sat Mar 31 15:17:22 PDT 2012
Signed-off-by: Jani Nikula <jani at nikula.org>
---
This could be folded to "hex-escape: (en|de)code strings to/from
restricted character set".
---
util/hex-escape.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/util/hex-escape.c b/util/hex-escape.c
index 6c1260b..9de79df 100644
--- a/util/hex-escape.c
+++ b/util/hex-escape.c
@@ -21,6 +21,7 @@
#include <assert.h>
#include <string.h>
#include <talloc.h>
+#include <ctype.h>
#include "error_util.h"
#include "hex-escape.h"
@@ -131,18 +132,18 @@ hex_decode (void *ctx, const char *in, char **out, size_t * out_size)
char *endp;
- if (len < 3)
+ if (!isxdigit ((unsigned char) p[1]) ||
+ !isxdigit ((unsigned char) p[2]))
return HEX_SYNTAX_ERROR;
buf[0] = p[1];
buf[1] = p[2];
- *q = strtol (buf, &endp, 16);
+ *q = strtoul (buf, &endp, 16);
if (endp != buf + 2)
return HEX_SYNTAX_ERROR;
- len -= 3;
p += 3;
q++;
} else {
--
1.7.5.4
More information about the notmuch
mailing list