Browse code

core: use unsigned for safer non-ascii bit shifting for hexa

Daniel-Constantin Mierla authored on 27/03/2021 13:37:03
Showing 2 changed files
... ...
@@ -434,7 +434,7 @@ int base64url_enc(char *in, int ilen, char *out, int osize)
434 434
 	int  i;
435 435
 	int  r;
436 436
 	char *p;
437
-	int  block;
437
+	unsigned int  block;
438 438
 	int  olen;
439 439
 
440 440
 	olen = (((ilen+2)/3)<<2);
... ...
@@ -465,7 +465,7 @@ int base64url_enc(char *in, int ilen, char *out, int osize)
465 465
 int base64url_dec(char *in, int ilen, char *out, int osize)
466 466
 {
467 467
 	int n;
468
-	int block;
468
+	unsigned int block;
469 469
 	int idx;
470 470
 	int i;
471 471
 	int j;
... ...
@@ -493,7 +493,7 @@ int base64url_dec(char *in, int ilen, char *out, int osize)
493 493
 	for(i=0, idx=0; i<end; idx+=3) {
494 494
 		block = 0;
495 495
 		for(j=0; j<4 && i<end ; j++) {
496
-			c = _ksr_b64url_decmap[(int)in[i++]];
496
+			c = _ksr_b64url_decmap[(unsigned char)in[i++]];
497 497
 			if(c<0) {
498 498
 				LM_ERR("invalid input string\"%.*s\"\n", ilen, in);
499 499
 				return -1;
... ...
@@ -270,7 +270,7 @@ int escape_user(str *sin, str *sout)
270 270
 				break;
271 271
 				default:
272 272
 				    *at++ = '%';
273
-				    x = (*p) >> 4;
273
+				    x = (unsigned char)(*p) >> 4;
274 274
 				    if (x < 10)
275 275
 					{
276 276
 						*at++ = x + '0';
... ...
@@ -350,7 +350,7 @@ int escape_param(str *sin, str *sout)
350 350
                 default:
351 351
 
352 352
                     *at++ = '%';
353
-                    x = (*p) >> 4;
353
+                    x = (unsigned char)(*p) >> 4;
354 354
                     if (x < 10)
355 355
                     {
356 356
                         *at++ = x + '0';
... ...
@@ -792,7 +792,8 @@ int urlencode(str *sin, str *sout)
792 792
 		if (isalnum(*p) || *p == '-' || *p == '_' || *p == '.' || *p == '~')
793 793
 			*at++ = *p;
794 794
 		else
795
-			*at++ = '%', *at++ = char_to_hex(*p >> 4), *at++ = char_to_hex(*p & 15);
795
+			*at++ = '%', *at++ = char_to_hex((unsigned char)(*p) >> 4),
796
+				*at++ = char_to_hex(*p & 15);
796 797
 		p++;
797 798
 	}
798 799