Fix a parsing bug for \uXXXX escapes (some invalid escapes were accepted).
authorStephen Dolan <mu@netsoc.tcd.ie>
Tue, 18 Sep 2012 22:45:30 +0000 (23:45 +0100)
committerStephen Dolan <mu@netsoc.tcd.ie>
Tue, 18 Sep 2012 22:45:30 +0000 (23:45 +0100)
Found by gcc -O -Wall identifying a use of uninitialised variables.

jv_parse.c

index e4565ef704f350bfa3a9c1112e17259555339c63..63cdf9350f3d147e5dddf7adfd64b7a209b6abc3 100644 (file)
@@ -155,6 +155,7 @@ static int unhex4(char* hex) {
     if ('0' <= c && c <= '9') n = c - '0';
     else if ('a' <= c && c <= 'f') n = c - 'a' + 10;
     else if ('A' <= c && c <= 'F') n = c - 'A' + 10;
+    else return -1;
     r <<= 4;
     r |= n;
   }
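Review bot: The new `return -1` gives unhex4 an error return that no comment announces, so the contract should be written at the definition, for example `/* Parse 4 hex digits at hex; returns 0..0xFFFF, or -1 if any character is not a hex digit. */`. The function takes no length argument, so it presumably relies on the caller having checked that four bytes are readable (found_string does `in + 4 > end` before its call); that precondition belongs in the same comment. unhex4's body starts and ends outside this hunk, so the loop bounds and the type of `r` cannot be confirmed from here.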
@@ -186,7 +187,10 @@ static pfunc found_string(struct jv_parser* p) {
         /* ahh, the complicated case */
         if (in + 4 > end)
           return "Invalid \\uXXXX escape";
-        unsigned long codepoint = unhex4(in);
+        int hexvalue = unhex4(in);
+        if (hexvalue < 0)
+          return "Invalid characters in \\uXXXX escape";
+        unsigned long codepoint = (unsigned long)hexvalue;
         in += 4;
         if (0xD800 <= codepoint && codepoint <= 0xDBFF) {
           /* who thought UTF-16 surrogate pairs were a good idea? */
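Review bot: The negative-return check is added only at this one call. The surrogate branch that opens on the last line of the hunk continues outside it, and if it calls unhex4 again for the low surrogate, that call needs the same check. Without it, a -1 converted to `unsigned long` becomes a very large value, and rejection would depend on a later range test rather than on an explicit check. I would apply the same pattern there, `int lo = unhex4(...); if (lo < 0) return "Invalid characters in \\uXXXX escape";`. Parser tests with a non-hex character in each half of a `\uXXXX\uXXXX` pair would guard against a regression.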