libbb: @ in "\x3@" is not a valid hex digit
function old new delta
bb_process_escape_sequence 134 141 +7
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
diff --git a/libbb/process_escape_sequence.c b/libbb/process_escape_sequence.c
index 59d0d3e..11adbfc 100644
--- a/libbb/process_escape_sequence.c
+++ b/libbb/process_escape_sequence.c
@@ -41,8 +41,16 @@
unsigned d = (unsigned char)(*q) - '0';
#else
unsigned d = (unsigned char)_tolower(*q) - '0';
- if (d >= 10)
- d += ('0' - 'a' + 10);
+ if (d >= 10) {
+ //d += ('0' - 'a' + 10);
+ /* The above would maps 'A'-'F' and 'a'-'f' to 10-15,
+ * however, some chars like '@' would map to 9 < base.
+ * Do not allow that, map invalid chars to N > base:
+ */
+ d += ('0' - 'a');
+ if ((int)d >= 0)
+ d += 10;
+ }
#endif
if (d >= base) {
if (WANT_HEX_ESCAPES && base == 16) {