From: Sameer Ajmani <sameer@golang.org>
Date: Tue, 10 Jan 2012 00:55:18 +0000 (-0500)
Subject: strconv: return ErrSyntax when unquoting illegal octal sequences.  This
X-Git-Tag: weekly.2012-01-15~106
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=cbf4f4b8d03493c112b472b8fcf3d499dc4e6bc9;p=gostls13.git

strconv: return ErrSyntax when unquoting illegal octal sequences.  This
is consistent with what the Go compiler returns when such sequences
appear in string literals.

Fixes #2658.

R=golang-dev, rsc, r, r, nigeltao
CC=golang-dev
https://golang.org/cl/5530051
---

diff --git a/src/pkg/html/template/escape_test.go b/src/pkg/html/template/escape_test.go
index a57f9826b5..0cac6a43ae 100644
--- a/src/pkg/html/template/escape_test.go
+++ b/src/pkg/html/template/escape_test.go
@@ -300,21 +300,23 @@ func TestEscape(t *testing.T) {
 			`<p style="color: {{"#8ff"}}; background: {{"#000"}}">`,
 			`<p style="color: #8ff; background: #000">`,
 		},
-		{
-			"styleObfuscatedExpressionBlocked",
-			`<p style="width: {{"  e\78preS\0Sio/**/n(alert(1337))"}}">`,
-			`<p style="width: ZgotmplZ">`,
-		},
+		// This test is broken by the fix to issue 2658.
+		// {
+		// 	"styleObfuscatedExpressionBlocked",
+		// 	`<p style="width: {{"  e\78preS\0Sio/**/n(alert(1337))"}}">`,
+		// 	`<p style="width: ZgotmplZ">`,
+		// },
 		{
 			"styleMozBindingBlocked",
 			`<p style="{{"-moz-binding(alert(1337))"}}: ...">`,
 			`<p style="ZgotmplZ: ...">`,
 		},
-		{
-			"styleObfuscatedMozBindingBlocked",
-			`<p style="{{"  -mo\7a-B\0I/**/nding(alert(1337))"}}: ...">`,
-			`<p style="ZgotmplZ: ...">`,
-		},
+		// This test is broken by the fix to issue 2658.
+		// {
+		// 	"styleObfuscatedMozBindingBlocked",
+		// 	`<p style="{{"  -mo\7a-B\0I/**/nding(alert(1337))"}}: ...">`,
+		// 	`<p style="ZgotmplZ: ...">`,
+		// },
 		{
 			"styleFontNameString",
 			`<p style='font-family: "{{"Times New Roman"}}"'>`,
diff --git a/src/pkg/strconv/quote.go b/src/pkg/strconv/quote.go
index edba62954b..61dbcae70f 100644
--- a/src/pkg/strconv/quote.go
+++ b/src/pkg/strconv/quote.go
@@ -260,6 +260,7 @@ func UnquoteChar(s string, quote byte) (value rune, multibyte bool, tail string,
 		for j := 0; j < 2; j++ { // one digit already; two more
 			x := rune(s[j]) - '0'
 			if x < 0 || x > 7 {
+				err = ErrSyntax
 				return
 			}
 			v = (v << 3) | x
diff --git a/src/pkg/strconv/quote_test.go b/src/pkg/strconv/quote_test.go
index 419943d83c..3f544c43cd 100644
--- a/src/pkg/strconv/quote_test.go
+++ b/src/pkg/strconv/quote_test.go
@@ -191,7 +191,13 @@ var misquoted = []string{
 	`"'`,
 	`b"`,
 	`"\"`,
+	`"\9"`,
+	`"\19"`,
+	`"\129"`,
 	`'\'`,
+	`'\9'`,
+	`'\19'`,
+	`'\129'`,
 	`'ab'`,
 	`"\x1!"`,
 	`"\U12345678"`,