reject invalid hex/unicode escape sequences instead of letting them crash the compiler

5cdb7ba3 · Stefan Behnel · 7f45b0b7 · 5cdb7ba3 · 5cdb7ba3 · 5cdb7ba3
Commit 5cdb7ba3 authored Jan 15, 2011 by Stefan Behnel
7 changed files
--- a/Cython/Compiler/Parsing.py
+++ b/Cython/Compiler/Parsing.py
@@ -782,13 +782,19 @@ def p_string_literal(s, kind_override=None):
                elif c == u'\n':
                    pass
                elif c == u'x':
-                    chars.append_charval( int(systr[2:], 16) )
+                    if len(systr) == 4:
+                        chars.append_charval( int(systr[2:], 16) )
+                    else:
+                        s.error("Invalid hex escape '%s'" % systr, pos=s.position())
                elif c in u'Uu':
                    if kind in ('u', ''):
-                        chrval = int(systr[2:], 16)
+                        if len(systr) in (6,10):
-                        if chrval > 1114111: # sys.maxunicode:
+                            chrval = int(systr[2:], 16)
-                            s.error("Invalid unicode escape '%s'" % systr,
+                            if chrval > 1114111: # sys.maxunicode:
-                                    pos = pos)
+                                s.error("Invalid unicode escape '%s'" % systr,
+                                        pos = pos)
+                        else:
+                            s.error("Invalid unicode escape '%s'" % systr, pos=s.position())
                    else:
                        # unicode escapes in plain byte strings are not unescaped
                        chrval = None

--- a/tests/errors/invalid_hex_escape0.pyx
+++ b/tests/errors/invalid_hex_escape0.pyx
+'\x'
+_ERRORS = '''
+2:1: Invalid hex escape '\x'
+'''
--- a/tests/errors/invalid_hex_escape1.pyx
+++ b/tests/errors/invalid_hex_escape1.pyx
+'\x1'
+_ERRORS = '''
+2:1: Invalid hex escape '\x'
+'''
--- a/tests/errors/invalid_uescape.pyx
+++ b/tests/errors/invalid_uescape.pyx
+u'\uXYZ'
+_ERRORS = '''
+2:2: Invalid unicode escape '\u'
+'''
--- a/tests/errors/invalid_uescape0.pyx
+++ b/tests/errors/invalid_uescape0.pyx
+u'\u'
+_ERRORS = '''
+2:1: Invalid unicode escape '\u'
+'''
--- a/tests/errors/invalid_uescape2.pyx
+++ b/tests/errors/invalid_uescape2.pyx
+u'\u12'
+_ERRORS = '''
+2:1: Invalid unicode escape '\u'
+'''
--- a/tests/run/strliterals.pyx
+++ b/tests/run/strliterals.pyx
@@ -125,6 +125,13 @@ __doc__ = ur"""
    >>> len(uresc)
    9
+    >>> bytes_uescape
+    b'\\u1234\\U12345678\\u\\u1\\u12\\uX'
+    >>> bytes_uescape == b'\\u1234\\U12345678\\u\\u1\\u12\\uX'
+    True
+    >>> len(bytes_uescape)
+    28
    >>> newlines == "Aaa\n"
    True
@@ -165,6 +172,8 @@ sresc =  r'\12\'\"\\'
 bresc = br'\12\'\"\\'
 uresc = ur'\12\'\"\\'
+bytes_uescape = b'\u1234\U12345678\u\u1\u12\uX'
 newlines = "Aaa\n"
 # T640, long literals with escapes