If a byte in DBusString *unescaped isn't a ascii byte, which will be
cast to char (signed char on most of platform), so that's the issue
unsigned char cast to signed char. e.g. "\303\266" is a valid unicode
character, if everything goes right, it will be escaped to "%c3%b6".
However, in fact, it escaped to "%<garbage-byte>3%<garbage-byte>6".
_dbus_string_append_byte_as_hex() take an int parameter, so negative
byte is valid, but cause get a negative index in array. So garbage value
will get. e.g. '\303' --> hexdigits[((signed byte)(-61)) >> 4] is
hexdigits[-4].
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=53499
Sgne-off-by: Chengwei Yang <chengwei.yang@intel.com>
[fixed whitespace -smcv]
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
_dbus_address_append_escaped (DBusString *escaped,
const DBusString *unescaped)
{
- const char *p;
- const char *end;
+ const unsigned char *p;
+ const unsigned char *end;
dbus_bool_t ret;
int orig_len;
ret = FALSE;
orig_len = _dbus_string_get_length (escaped);
- p = _dbus_string_get_const_data (unescaped);
+ p = (const unsigned char *) _dbus_string_get_const_data (unescaped);
end = p + _dbus_string_get_length (unescaped);
while (p != end)
{
*/
dbus_bool_t
_dbus_string_append_byte_as_hex (DBusString *str,
- int byte)
+ unsigned char byte)
{
const char hexdigits[16] = {
'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
void _dbus_string_delete_leading_blanks (DBusString *str);
void _dbus_string_chop_white (DBusString *str);
dbus_bool_t _dbus_string_append_byte_as_hex (DBusString *str,
- int byte);
+ unsigned char byte);
dbus_bool_t _dbus_string_hex_encode (const DBusString *source,
int start,
DBusString *dest,