[Pidgin] #3848: purple_markup_unescape_entity doesn't escape hexadecimal references
Pidgin
trac at pidgin.im
Mon Nov 5 21:13:35 EST 2007
#3848: purple_markup_unescape_entity doesn't escape hexadecimal references
----------------------------+-----------------------------------------------
Reporter: BigBrownChunx | Owner:
Type: patch | Status: new
Priority: minor | Milestone:
Component: libpurple | Version: 2.2.2
Resolution: | Keywords:
Pending: 0 |
----------------------------+-----------------------------------------------
Comment (by QuLogic):
I'm guessing that since sscanf returns the number of variables assigned,
it is possible for it to assign something to `pound`, fail to find the
';', and then still return 1.
Maybe you could do something like this:
{{{
else if(*(text+1) == '#' && ((sscanf(text, "&#%u%1[;]", £, &temp) ==
2) ||
(sscanf(text, "&#x%x%1[;]", £, &temp) == 2))
&&
pound != 0) {
}}}
--
Ticket URL: <http://developer.pidgin.im/ticket/3848#comment:2>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list