Mercurial > hg > nginx

diff src/core/ngx_string.c @ 7067:e3723f2a11b7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Parenthesized ASCII-related calculations. This also fixes potential undefined behaviour in the range and slice filter modules, caused by local overflows of signed integers in expressions.
author Valentin Bartenev <vbart@nginx.com>
date Mon, 17 Jul 2017 17:23:51 +0300
parents 289403abc84e
children 874171c3c71a
line wrap: on
line diff
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -178,7 +178,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
             slen = (size_t) -1;
 
             while (*fmt >= '0' && *fmt <= '9') {
-                width = width * 10 + *fmt++ - '0';
+                width = width * 10 + (*fmt++ - '0');
             }
 
 
@@ -211,7 +211,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
                     fmt++;
 
                     while (*fmt >= '0' && *fmt <= '9') {
-                        frac_width = frac_width * 10 + *fmt++ - '0';
+                        frac_width = frac_width * 10 + (*fmt++ - '0');
                     }
 
                     break;
@@ -1655,7 +1655,7 @@ ngx_unescape_uri(u_char **dst, u_char **
             state = sw_usual;
 
             if (ch >= '0' && ch <= '9') {
-                ch = (u_char) ((decoded << 4) + ch - '0');
+                ch = (u_char) ((decoded << 4) + (ch - '0'));
 
                 if (type & NGX_UNESCAPE_REDIRECT) {
                     if (ch > '%' && ch < 0x7f) {
@@ -1675,7 +1675,7 @@ ngx_unescape_uri(u_char **dst, u_char **
 
             c = (u_char) (ch | 0x20);
             if (c >= 'a' && c <= 'f') {
-                ch = (u_char) ((decoded << 4) + c - 'a' + 10);
+                ch = (u_char) ((decoded << 4) + (c - 'a') + 10);
 
                 if (type & NGX_UNESCAPE_URI) {
                     if (ch == '?') {