Commits
Peter Wu committed 48d6a5f6a8f
switch_xml_decode: avoid NUL injection strtol can parse negative values which opens the hole for a NUL injection. The (invalid) entity "&#-256;" is parsed as 0xFFFFFF00 which (when casted to a char) becomes 0. Avoid this attack by using unsigned long integers. To avoid undefined behavior due to negative shifts, restrict the upper bound of the code points to the UTF-8 limits. (Add an assertion to make the Clang static analyzer happy.) Note: due to the specification of strtol, leading spaces and minus/plus signs are also allowed, explicitly check for an integer. "�x1;" is still accepted, but that is considered a minor issue.