version 1.176, 2014/10/10 15:26:29 |
version 1.178, 2014/10/27 13:31:04 |
Line 437 print_encode(struct html *h, const char *p, int norecu |
|
Line 437 print_encode(struct html *h, const char *p, int norecu |
|
case ESCAPE_UNICODE: |
case ESCAPE_UNICODE: |
/* Skip past "u" header. */ |
/* Skip past "u" header. */ |
c = mchars_num2uc(seq + 1, len - 1); |
c = mchars_num2uc(seq + 1, len - 1); |
if ('\0' != c) |
|
printf("&#x%x;", c); |
/* |
|
* XXX Security warning: |
|
* For now, forbid Unicode obfuscation of ASCII |
|
* characters. An audit of the callers is |
|
* required before this can be removed. |
|
*/ |
|
|
|
if (c < 0x80) |
|
c = 0xFFFD; |
|
|
|
printf("&#x%x;", c); |
break; |
break; |
case ESCAPE_NUMBERED: |
case ESCAPE_NUMBERED: |
c = mchars_num2char(seq, len); |
c = mchars_num2char(seq, len); |
Line 447 print_encode(struct html *h, const char *p, int norecu |
|
Line 457 print_encode(struct html *h, const char *p, int norecu |
|
break; |
break; |
case ESCAPE_SPECIAL: |
case ESCAPE_SPECIAL: |
c = mchars_spec2cp(h->symtab, seq, len); |
c = mchars_spec2cp(h->symtab, seq, len); |
if (c > 0) |
if (c <= 0) |
|
break; |
|
if (c < 0x20 || c > 0x7e) |
printf("&#%d;", c); |
printf("&#%d;", c); |
else if (-1 == c && 1 == len && |
else if ( ! print_escape(c)) |
!print_escape(*seq)) |
putchar(c); |
putchar((int)*seq); |
|
break; |
break; |
case ESCAPE_NOSPACE: |
case ESCAPE_NOSPACE: |
if ('\0' == *p) |
if ('\0' == *p) |