Add \e, \", \' and hex-escapes (\xH[H]) to unescape()

So the users control the program, and the program doesn't control the users.
2015-02-14 22:54:18 +01:00 · 2015-02-14 22:54:18 +01:00 · d7a438b2f8
parent bf518929b9
commit d7a438b2f8
1 changed files with 24 additions and 0 deletions
--- a/libutil/unescape.c
+++ b/libutil/unescape.c
@ -17,13 +17,37 @@ unescape(char *s)

 		switch (s[i + 1]) {
 		case '\\': s[i] = '\\'; off++; break;
+		case '\'': s[i] = '\'', off++; break;
+		case '"':  s[i] =  '"', off++; break;
 		case 'a':  s[i] = '\a'; off++; break;
 		case 'b':  s[i] = '\b'; off++; break;
+		case 'e':  s[i] =  033; off++; break;
 		case 'f':  s[i] = '\f'; off++; break;
 		case 'n':  s[i] = '\n'; off++; break;
 		case 'r':  s[i] = '\r'; off++; break;
 		case 't':  s[i] = '\t'; off++; break;
 		case 'v':  s[i] = '\v'; off++; break;
+		case 'x':
+			/* "\xH[H]" hexadecimal escape */
+			for (m = i + 2; m < i + 1 + 3 && m < len; m++)
+				if ((s[m] < '0' && s[m] > '9') &&
+				    (s[m] < 'A' && s[m] > 'F') &&
+				    (s[m] < 'a' && s[m] > 'f'))
+					break;
+			if (m == i + 2)
+				eprintf("%s: invalid escape sequence '\\%c'\n", argv0, s[i + 1]);
+			off += m - i - 1;
+			for (--m, q = 0, factor = 1; m > i + 1; m--) {
+				if (s[m] >= '0' && s[m] <= '9')
+					q += (s[m] - '0') * factor;
+				else if (s[m] >= 'A' && s[m] <= 'F')
+					q += ((s[m] - 'A') + 10) * factor;
+				else if (s[m] >= 'a' && s[m] <= 'f')
+					q += ((s[m] - 'a') + 10) * factor;
+				factor *= 16;
+			}
+			s[i] = q;
+			break;
 		case '\0':
 			eprintf("%s: null escape sequence\n", argv0);
 		default: