From 0753b869310fd38deaa0451d9b4de457d2a7ed4a Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH] 0069-proc/readproc.c: Fix the unhex() function. This function is unused (SIGNAL_STRING is defined by default, and if it is not, procps does not compile -- for example, there is no "outbuf" in help_pr_sig()) but fix it anyway. There are two bugs: - it accepts non-hexadecimal characters (anything >= 0x30); - "(c - (c>0x57) ? 0x57 : 0x30)" is always equal to 0x57. ---------------------------- adapted for newlib branch . newlib doesn't use that 'unlikely' crap Signed-off-by: Jim Warner
---
 proc/readproc.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/proc/readproc.c b/proc/readproc.c
index 77642f86..6144fc02 100644
--- a/proc/readproc.c
+++ b/proc/readproc.c
@@ -75,8 +75,10 @@ static unsigned long long unhex(const char *restrict cp){
 unsigned long long ull = 0;
 for(;;){
 char c = *cp++;
- if(c<0x30) break;
- ull = (ull<<4) | (c - (c>0x57) ? 0x57 : 0x30) ;
+ if(!( (c >= '0' && c <= '9') ||
+ (c >= 'A' && c <= 'F') ||
+ (c >= 'a' && c <= 'f') )) break;
+ ull = (ull<<4) | (c - (c >= 'a' ? 'a'-10 : c >= 'A' ? 'A'-10 : '0'));
 }
 return ull;
 }
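Review bot: The rewritten loop in unhex() still places no limit on the number of digits. Each `ull<<4` discards the top nibble, so an input longer than the width of `unsigned long long` (16 hex digits at 64 bits) is silently reduced to its low-order digits rather than rejected. If the function is ever enabled for text read from /proc, a guard before the shift such as `if(ull > (ULLONG_MAX >> 4)) break;` (needs `<limits.h>`) would stop before any digit is lost. The function also returns 0 both for "0" and for a string with no hex digits at all, and the callers that would show whether this matters are outside the hunk. At minimum I would add a comment above the loop: `// parses leading hex digits only; returns 0 if there are none; no overflow detection`.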