Change unescaping function in scanner and string.c to NOT unescape when '%' is not followed by hex digits.

git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@654 74dad513-b988-da41-8d7b-12977e46ad98

2 files changed, 6 insertions, 7 deletions

diff --git a/pjlib-util/src/pjlib-util/scanner.c b/pjlib-util/src/pjlib-util/scanner.c
index cd2a54b2..a2a68bd3 100644
--- a/pjlib-util/src/pjlib-util/scanner.c
+++ b/pjlib-util/src/pjlib-util/scanner.c
@@ -303,12 +303,9 @@ PJ_DEF(void) pj_scan_get_unescape( pj_scanner *scanner,
     out->ptr = s;
     do {
 	if (*s == '%') {
-	    if (s+3 <= scanner->end) {
-		/* This doesn't check if the hex digits are valid.
-		 * If they dont' it will produce garbage characters, but
-		 * no harm is done to the application (e.g. no illegal
-		 * memory access.
-		 */
+	    if (s+3 <= scanner->end && pj_isxdigit(*(s+1)) && 
+		pj_isxdigit(*(s+2))) 
+	    {
 		*dst = (pj_uint8_t) ((pj_hex_digit_to_val(*(s+1)) << 4) +
 				      pj_hex_digit_to_val(*(s+2)));
 		++dst;
diff --git a/pjlib-util/src/pjlib-util/string.c b/pjlib-util/src/pjlib-util/string.c
index 8115bc8f..1bdebbb3 100644
--- a/pjlib-util/src/pjlib-util/string.c
+++ b/pjlib-util/src/pjlib-util/string.c
@@ -34,7 +34,9 @@ PJ_DEF(pj_str_t) pj_str_unescape( pj_pool_t *pool, const pj_str_t *src_str)
     dst = dst_str.ptr = pj_pool_alloc(pool, src_str->slen);
 
     while (src != end) {
-	if (*src == '%' && src < end-2) {
+	if (*src == '%' && src < end-2 && pj_isxdigit(*(src+1)) && 
+	    pj_isxdigit(*(src+2))) 
+	{
 	    *dst = (pj_uint8_t) ((pj_hex_digit_to_val(*(src+1)) << 4) + 
 				 pj_hex_digit_to_val(*(src+2)));
 	    ++dst;