X-Git-Url: https://git.cameronkatri.com/mandoc.git/blobdiff_plain/e331ee9112782ba1b7525324d0f910550d88b3b0..3042a5b54373deab8c467c7f8962ee168b12fee0:/chars.c diff --git a/chars.c b/chars.c index 91db80ef..d758d0cc 100644 --- a/chars.c +++ b/chars.c @@ -1,6 +1,6 @@ -/* $Id: chars.c,v 1.50 2011/07/31 11:24:39 schwarze Exp $ */ +/* $Id: chars.c,v 1.58 2014/07/23 15:00:08 schwarze Exp $ */ /* - * Copyright (c) 2009, 2010 Kristaps Dzonsons + * Copyright (c) 2009, 2010, 2011 Kristaps Dzonsons * Copyright (c) 2011 Ingo Schwarze * * Permission to use, copy, modify, and distribute this software for any @@ -25,6 +25,7 @@ #include #include "mandoc.h" +#include "mandoc_aux.h" #include "libmandoc.h" #define PRINT_HI 126 @@ -37,7 +38,7 @@ struct ln { int unicode; }; -#define LINES_MAX 328 +#define LINES_MAX 330 #define CHAR(in, ch, code) \ { NULL, (in), (ch), (code) }, @@ -51,7 +52,9 @@ struct mchars { struct ln **htab; }; -static const struct ln *find(struct mchars *, const char *, size_t); +static const struct ln *find(const struct mchars *, + const char *, size_t); + void mchars_free(struct mchars *arg) @@ -76,7 +79,7 @@ mchars_alloc(void) */ tab = mandoc_malloc(sizeof(struct mchars)); - htab = mandoc_calloc(PRINT_HI - PRINT_LO + 1, sizeof(struct ln **)); + htab = mandoc_calloc(PRINT_HI - PRINT_LO + 1, sizeof(struct ln *)); for (i = 0; i < LINES_MAX; i++) { hash = (int)lines[i].code[0] - PRINT_LO; @@ -96,7 +99,7 @@ mchars_alloc(void) } int -mchars_spec2cp(struct mchars *arg, const char *p, size_t sz) +mchars_spec2cp(const struct mchars *arg, const char *p, size_t sz) { const struct ln *ln; @@ -109,26 +112,39 @@ mchars_spec2cp(struct mchars *arg, const char *p, size_t sz) char mchars_num2char(const char *p, size_t sz) { - int i; + int i; if ((i = mandoc_strntoi(p, sz, 10)) < 0) return('\0'); + return(i > 0 && i < 256 && isprint(i) ? i : '\0'); } int mchars_num2uc(const char *p, size_t sz) { - int i; + int i; if ((i = mandoc_strntoi(p, sz, 16)) < 0) return('\0'); - /* FIXME: make sure we're not in a bogus range. */ + + /* + * Security warning: + * Never extend the range of accepted characters + * to overlap with the ASCII range, 0x00-0x7F + * without re-auditing the callers of this function. + * Some callers might relay on the fact that we never + * return ASCII characters for their escaping decisions. + * + * XXX Code is missing here to exclude bogus ranges. + */ + return(i > 0x80 && i <= 0x10FFFF ? i : '\0'); } const char * -mchars_spec2str(struct mchars *arg, const char *p, size_t sz, size_t *rsz) +mchars_spec2str(const struct mchars *arg, + const char *p, size_t sz, size_t *rsz) { const struct ln *ln; @@ -143,9 +159,9 @@ mchars_spec2str(struct mchars *arg, const char *p, size_t sz, size_t *rsz) } static const struct ln * -find(struct mchars *tab, const char *p, size_t sz) +find(const struct mchars *tab, const char *p, size_t sz) { - struct ln *pp; + const struct ln *pp; int hash; assert(p); @@ -156,8 +172,8 @@ find(struct mchars *tab, const char *p, size_t sz) hash = (int)p[0] - PRINT_LO; for (pp = tab->htab[hash]; pp; pp = pp->next) - if (0 == strncmp(pp->code, p, sz) && - '\0' == pp->code[(int)sz]) + if (0 == strncmp(pp->code, p, sz) && + '\0' == pp->code[(int)sz]) return(pp); return(NULL);