From 5e49ea4d1f71d9134734011f2151cae4dbec5e5f Mon Sep 17 00:00:00 2001 From: "Arnold D. Robbins" Date: Thu, 15 Dec 2022 20:34:49 +0200 Subject: Limit \x to two following characters. --- FIXES | 6 ++++++ lex.c | 31 ++++++++++++++++++++----------- main.c | 2 +- 3 files changed, 27 insertions(+), 12 deletions(-) diff --git a/FIXES b/FIXES index fdf782e..53c7841 100644 --- a/FIXES +++ b/FIXES @@ -25,6 +25,12 @@ THIS SOFTWARE. This file lists all bug fixes, changes, etc., made since the AWK book was sent to the printers in August 1987. +Dec 15, 2022: + Force hex escapes in strings to be no more than two characters, + as they already are in regular expressions. This brings internal + consistency, as well as consistency with gawk. Thanks to + Arnold Robbins. + Sep 12, 2022: adjbuf minlen error (cannot be 0) in cat, resulting in NULL pbuf. discovered by todd miller. also use-after-free issue with diff --git a/lex.c b/lex.c index c162a70..a5feff4 100644 --- a/lex.c +++ b/lex.c @@ -416,19 +416,28 @@ int string(void) break; case 'x': /* hex \x0-9a-fA-F + */ - { char xbuf[100], *px; - for (px = xbuf; (c = input()) != 0 && px-xbuf < 100-2; ) { - if (isdigit(c) - || (c >= 'a' && c <= 'f') - || (c >= 'A' && c <= 'F')) - *px++ = c; - else + { + int i; + + n = 0; + for (i = 1; i <= 2; i++) { + c = input(); + if (c == 0) + break; + if (isxdigit(c)) { + c = tolower(c); + n *= 16; + if (isdigit(c)) + n += (c - '0'); + else + n += 10 + (c - 'a'); + } else break; } - *px = 0; - unput(c); - sscanf(xbuf, "%x", (unsigned int *) &n); - *bp++ = n; + if (n) + *bp++ = n; + else + unput(c); break; } diff --git a/main.c b/main.c index f0b8608..2ec513c 100644 --- a/main.c +++ b/main.c @@ -22,7 +22,7 @@ ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ****************************************************************/ -const char *version = "version 20220912"; +const char *version = "version 20221215"; #define DEBUG #include -- cgit v1.2.3