Mercurial > hg > nginx
comparison src/core/ngx_string.c @ 7067:e3723f2a11b7
Parenthesized ASCII-related calculations.
This also fixes potential undefined behaviour in the range and slice filter
modules, caused by local overflows of signed integers in expressions.
| author | Valentin Bartenev <vbart@nginx.com> |
|---|---|
| date | Mon, 17 Jul 2017 17:23:51 +0300 |
| parents | 289403abc84e |
| children | 874171c3c71a |
comparison
equal
deleted
inserted
replaced
| 7066:a27e0c7e198c | 7067:e3723f2a11b7 |
|---|---|
| 176 max_width = 0; | 176 max_width = 0; |
| 177 frac_width = 0; | 177 frac_width = 0; |
| 178 slen = (size_t) -1; | 178 slen = (size_t) -1; |
| 179 | 179 |
| 180 while (*fmt >= '0' && *fmt <= '9') { | 180 while (*fmt >= '0' && *fmt <= '9') { |
| 181 width = width * 10 + *fmt++ - '0'; | 181 width = width * 10 + (*fmt++ - '0'); |
| 182 } | 182 } |
| 183 | 183 |
| 184 | 184 |
| 185 for ( ;; ) { | 185 for ( ;; ) { |
| 186 switch (*fmt) { | 186 switch (*fmt) { |
| 209 | 209 |
| 210 case '.': | 210 case '.': |
| 211 fmt++; | 211 fmt++; |
| 212 | 212 |
| 213 while (*fmt >= '0' && *fmt <= '9') { | 213 while (*fmt >= '0' && *fmt <= '9') { |
| 214 frac_width = frac_width * 10 + *fmt++ - '0'; | 214 frac_width = frac_width * 10 + (*fmt++ - '0'); |
| 215 } | 215 } |
| 216 | 216 |
| 217 break; | 217 break; |
| 218 | 218 |
| 219 case '*': | 219 case '*': |
| 1653 case sw_quoted_second: | 1653 case sw_quoted_second: |
| 1654 | 1654 |
| 1655 state = sw_usual; | 1655 state = sw_usual; |
| 1656 | 1656 |
| 1657 if (ch >= '0' && ch <= '9') { | 1657 if (ch >= '0' && ch <= '9') { |
| 1658 ch = (u_char) ((decoded << 4) + ch - '0'); | 1658 ch = (u_char) ((decoded << 4) + (ch - '0')); |
| 1659 | 1659 |
| 1660 if (type & NGX_UNESCAPE_REDIRECT) { | 1660 if (type & NGX_UNESCAPE_REDIRECT) { |
| 1661 if (ch > '%' && ch < 0x7f) { | 1661 if (ch > '%' && ch < 0x7f) { |
| 1662 *d++ = ch; | 1662 *d++ = ch; |
| 1663 break; | 1663 break; |
| 1673 break; | 1673 break; |
| 1674 } | 1674 } |
| 1675 | 1675 |
| 1676 c = (u_char) (ch | 0x20); | 1676 c = (u_char) (ch | 0x20); |
| 1677 if (c >= 'a' && c <= 'f') { | 1677 if (c >= 'a' && c <= 'f') { |
| 1678 ch = (u_char) ((decoded << 4) + c - 'a' + 10); | 1678 ch = (u_char) ((decoded << 4) + (c - 'a') + 10); |
| 1679 | 1679 |
| 1680 if (type & NGX_UNESCAPE_URI) { | 1680 if (type & NGX_UNESCAPE_URI) { |
| 1681 if (ch == '?') { | 1681 if (ch == '?') { |
| 1682 *d++ = ch; | 1682 *d++ = ch; |
| 1683 goto done; | 1683 goto done; |