html.c: avoid out-of-bounds access for url_escape_table

This fixes a segfault for me with with -O2 optimization on x86 with gcc (Debian 4.4.5-8) 4.4.5 I can reliably reproduce it with the following parameters when pointed to the git.git repository: PATH_INFO='/git-core.git/diff/' QUERY_STRING='id=2b93bfac0f5bcabbf60f174f4e7bfa9e318e64d5&id2=d6da71a9d16b8cf27f9d8f90692d3625c849cbc8' Signed-off-by: Eric Wong <normalperson@yhbt.net> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
author: Eric Wong <normalperson@yhbt.net> 2011-07-21 03:24:54 +0000
committer: Lars Hjemli <hjemli@gmail.com> 2011-07-21 14:21:52 +0000
commit: 9cae75d040d9102d4b628ba3c828d95d0251f5c0 (patch)
tree: 90dd85a1ebcb0c8731bb02823b9d3707e873945d /html.c
parent: 877ff681007f31c69777e9569c4de819d4af19c9 (diff)
download: cgit-9cae75d040d9102d4b628ba3c828d95d0251f5c0.tar.gz
cgit-9cae75d040d9102d4b628ba3c828d95d0251f5c0.tar.bz2
cgit-9cae75d040d9102d4b628ba3c828d95d0251f5c0.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/html.c b/html.c
index 24a03a5..5b07aa0 100644
--- a/html.c
+++ b/html.c
@@ -162,7 +162,7 @@ void html_url_path(const char *txt)
 {
 	const char *t = txt;
 	while(t && *t){
-		int c = *t;
+		unsigned char c = *t;
 		const char *e = url_escape_table[c];
 		if (e && c!='+' && c!='&') {
 			html_raw(txt, t - txt);
@@ -179,7 +179,7 @@ void html_url_arg(const char *txt)
 {
 	const char *t = txt;
 	while(t && *t){
-		int c = *t;
+		unsigned char c = *t;
 		const char *e = url_escape_table[c];
 		if (c == ' ')
 			e = "+";
author	Eric Wong <normalperson@yhbt.net>	2011-07-21 03:24:54 +0000
committer	Lars Hjemli <hjemli@gmail.com>	2011-07-21 14:21:52 +0000
commit	9cae75d040d9102d4b628ba3c828d95d0251f5c0 (patch)
tree	90dd85a1ebcb0c8731bb02823b9d3707e873945d /html.c
parent	877ff681007f31c69777e9569c4de819d4af19c9 (diff)
download	cgit-9cae75d040d9102d4b628ba3c828d95d0251f5c0.tar.gz cgit-9cae75d040d9102d4b628ba3c828d95d0251f5c0.tar.bz2 cgit-9cae75d040d9102d4b628ba3c828d95d0251f5c0.zip