diff options
| author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2014-10-28 13:22:58 +0000 |
|---|---|---|
| committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2014-10-28 13:22:58 +0000 |
| commit | 24322f395665631cc678573c61a088bf15bc333c (patch) | |
| tree | 4ba47392e0dd472f6082d1c8d122d1747f47dff4 /usr.bin/mandoc | |
| parent | 32db03e6eeb5934bde3c193ce463cf88c7f1fa23 (diff) | |
Tighten Unicode escape name parsing.
Accept only 0xXXXX, 0xYXXXX, 0x10XXXX with Y != 0.
This simplifies mchars_num2uc().
Diffstat (limited to 'usr.bin/mandoc')
| -rw-r--r-- | usr.bin/mandoc/chars.c | 13 | ||||
| -rw-r--r-- | usr.bin/mandoc/mandoc.c | 15 |
2 files changed, 14 insertions, 14 deletions
diff --git a/usr.bin/mandoc/chars.c b/usr.bin/mandoc/chars.c index 00713a9cd30..39adcf92d3e 100644 --- a/usr.bin/mandoc/chars.c +++ b/usr.bin/mandoc/chars.c @@ -1,4 +1,4 @@ -/* $OpenBSD: chars.c,v 1.32 2014/10/27 13:29:30 schwarze Exp $ */ +/* $OpenBSD: chars.c,v 1.33 2014/10/28 13:22:57 schwarze Exp $ */ /* * Copyright (c) 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2011, 2014 Ingo Schwarze <schwarze@openbsd.org> @@ -121,14 +121,9 @@ mchars_num2uc(const char *p, size_t sz) { int i; - if ((i = mandoc_strntoi(p, sz, 16)) < 0) - return(0xFFFD); - - /* - * XXX Code is missing here to exclude bogus ranges. - */ - - return(i <= 0x10FFFF ? i : 0xFFFD); + i = mandoc_strntoi(p, sz, 16); + assert(i >= 0 && i <= 0x10FFFF); + return(i); } const char * diff --git a/usr.bin/mandoc/mandoc.c b/usr.bin/mandoc/mandoc.c index 288dd3dde4f..6a37ce10b06 100644 --- a/usr.bin/mandoc/mandoc.c +++ b/usr.bin/mandoc/mandoc.c @@ -1,4 +1,4 @@ -/* $Id: mandoc.c,v 1.54 2014/10/13 17:16:25 schwarze Exp $ */ +/* $Id: mandoc.c,v 1.55 2014/10/28 13:22:57 schwarze Exp $ */ /* * Copyright (c) 2008, 2009, 2010, 2011 Kristaps Dzonsons <kristaps@bsd.lv> * Copyright (c) 2011, 2012, 2013, 2014 Ingo Schwarze <schwarze@openbsd.org> @@ -332,13 +332,18 @@ mandoc_escape(const char **end, const char **start, int *sz) if (1 == *sz && 'c' == **start) gly = ESCAPE_NOSPACE; /* - * Unicode escapes are defined in groff as \[uXXXX] + * Unicode escapes are defined in groff as \[u0000] * to \[u10FFFF], where the contained value must be * a valid Unicode codepoint. Here, however, only - * check the length and the validity of all digits. + * check the length and range. */ - else if (*sz > 4 && *sz < 8 && **start == 'u' && - (int)strspn(*start + 1, "0123456789ABCDEFabcdef") + if (**start != 'u' || *sz < 5 || *sz > 7) + break; + if (*sz == 7 && ((*start)[1] != '1' || (*start)[2] != '0')) + break; + if (*sz == 6 && (*start)[1] == '0') + break; + if ((int)strspn(*start + 1, "0123456789ABCDEFabcdef") + 1 == *sz) gly = ESCAPE_UNICODE; break; |