* mdocml: Tighten Unicode escape name parsing.
@ 2014-10-28 13:24 schwarze
0 siblings, 0 replies; only message in thread
From: schwarze @ 2014-10-28 13:24 UTC (permalink / raw)
To: source
Log Message:
-----------
Tighten Unicode escape name parsing.
Accept only 0xXXXX, 0xYXXXX, 0x10XXXX with Y != 0.
This simplifies mchars_num2uc().
Modified Files:
--------------
mdocml:
chars.c
mandoc.c
Revision Data
-------------
Index: mandoc.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/mandoc.c,v
retrieving revision 1.87
retrieving revision 1.88
diff -Lmandoc.c -Lmandoc.c -u -p -r1.87 -r1.88
--- mandoc.c
+++ mandoc.c
@@ -334,13 +334,18 @@ mandoc_escape(const char **end, const ch
if (1 == *sz && 'c' == **start)
gly = ESCAPE_NOSPACE;
/*
- * Unicode escapes are defined in groff as \[uXXXX]
+ * Unicode escapes are defined in groff as \[u0000]
* to \[u10FFFF], where the contained value must be
* a valid Unicode codepoint. Here, however, only
- * check the length and the validity of all digits.
+ * check the length and range.
*/
- else if (*sz > 4 && *sz < 8 && **start == 'u' &&
- (int)strspn(*start + 1, "0123456789ABCDEFabcdef")
+ if (**start != 'u' || *sz < 5 || *sz > 7)
+ break;
+ if (*sz == 7 && ((*start)[1] != '1' || (*start)[2] != '0'))
+ break;
+ if (*sz == 6 && (*start)[1] == '0')
+ break;
+ if ((int)strspn(*start + 1, "0123456789ABCDEFabcdef")
+ 1 == *sz)
gly = ESCAPE_UNICODE;
break;
Index: chars.c
===================================================================
RCS file: /usr/vhosts/mdocml.bsd.lv/cvs/mdocml/chars.c,v
retrieving revision 1.62
retrieving revision 1.63
diff -Lchars.c -Lchars.c -u -p -r1.62 -r1.63
--- chars.c
+++ chars.c
@@ -123,14 +123,9 @@ mchars_num2uc(const char *p, size_t sz)
{
int i;
- if ((i = mandoc_strntoi(p, sz, 16)) < 0)
- return(0xFFFD);
-
- /*
- * XXX Code is missing here to exclude bogus ranges.
- */
-
- return(i <= 0x10FFFF ? i : 0xFFFD);
+ i = mandoc_strntoi(p, sz, 16);
+ assert(i >= 0 && i <= 0x10FFFF);
+ return(i);
}
const char *
--
To unsubscribe send an email to source+unsubscribe@mdocml.bsd.lv
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2014-10-28 13:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-10-28 13:24 mdocml: Tighten Unicode escape name parsing schwarze
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).