|
|
@@ -86,13 +86,17 @@ static void hex_dump(const void *src, size_t length, size_t line_size, char *pre
|
|
|
static int unescape(char *_dst, char *_src, size_t len)
|
|
|
{
|
|
|
int ret = 0;
|
|
|
+ int match;
|
|
|
char *src = _src;
|
|
|
char *dst = _dst;
|
|
|
unsigned int ch;
|
|
|
|
|
|
while (*src) {
|
|
|
if (*src == '\\' && *(src+1) == 'x') {
|
|
|
- sscanf(src + 2, "%2x", &ch);
|
|
|
+ match = sscanf(src + 2, "%2x", &ch);
|
|
|
+ if (!match)
|
|
|
+ pabort("malformed input string");
|
|
|
+
|
|
|
src += 4;
|
|
|
*dst++ = (unsigned char)ch;
|
|
|
} else {
|
Joshua Clayton