1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
--- a/libpurple/util.c
+++ b/libpurple/util.c
@@ -978,18 +978,30 @@ purple_markup_unescape_entity(const char
pln = "\302\256"; /* or use g_unichar_to_utf8(0xae); */
else if(IS_ENTITY("'"))
pln = "\'";
- else if(*(text+1) == '#' &&
- (sscanf(text, "&#%u%1[;]", £, temp) == 2 ||
- sscanf(text, "&#x%x%1[;]", £, temp) == 2) &&
- pound != 0) {
+ else if(text[1] == '#' && g_ascii_isxdigit(text[2])) {
static char buf[7];
- int buflen = g_unichar_to_utf8((gunichar)pound, buf);
+ const char *start = text + 2;
+ char *end;
+ guint64 pound;
+ int base = 10;
+ int buflen;
+
+ if (*start == 'x') {
+ base = 16;
+ start++;
+ }
+
+ pound = g_ascii_strtoull(start, &end, base);
+ if (pound == 0 || pound > INT_MAX || *end != ';') {
+ return NULL;
+ }
+
+ len = (end - text) + 1;
+
+ buflen = g_unichar_to_utf8((gunichar)pound, buf);
buf[buflen] = '\0';
pln = buf;
- len = (*(text+2) == 'x' ? 3 : 2);
- while(isxdigit((gint) text[len])) len++;
- if(text[len] == ';') len++;
}
else
return NULL;
|
