escape more in fmt_ldapescape

CHANGES

@@ -6,6 +6,7 @@
   add some int overflow check macros to rangecheck.h
   fmt_ip6 compresses at best spot, not at first spot (Nikola Vladov)
   use inttypes.h to declare ints in uint*.h
+  escape more in fmt_ldapescape
 
 0.25:
   array_allocate no longer truncates the array

rangecheck.h

@@ -25,6 +25,13 @@ __static inline int range_ptrinbuf(const void* buf,size_t len,const void* ptr) {
      a very large number. */
 }
 
+/* same thing, but the buffer is specified by a pointer to the first
+ * byte (Min) and a pointer after the last byte (Max). */
+__static inline int range_ptrinbuf2(const void* Min,const void* Max,const void* ptr) {
+  return (Min && ptr>=Min && ptr<Max);
+  /* Min <= Max is implicitly checked here */
+}
+
 /* Is this a plausible buffer?
  * Check whether buf is NULL, and whether buf+len overflows.
  * Does NOT check whether buf has a non-zero length! */
@@ -32,6 +39,12 @@ __static inline int range_validbuf(const void* buf,size_t len) {
   return (buf && (uintptr_t)buf+len>=(uintptr_t)buf);
 }
 
+/* same thing but buffer is given as pointer to first byte (Min) and
+ * pointer beyond last byte (Max).  Again, an 0-size buffer is valid. */
+__static inline int range_validbuf2(const void* Min,const void* Max) {
+  return (Min && Max>=Min);
+}
+
 /* is buf2[0..len2-1] inside buf1[0..len-1]? */
 __static inline int range_bufinbuf(const void* buf1,size_t len1,const void* buf2,size_t len2) {
   return range_validbuf(buf1,len1) &&
@@ -68,6 +81,12 @@ int range_str4inbuf(const void* buf,size_t len,const void* stringstart);
  * So I decided to add some integer overflow protection functionality
  * here for addition and subtraction, too. */
 
+/* usage:
+ * if (add_of(dest,a,b)) return EINVAL;		// dest=a+b;
+ * if (sub_of(dest,a,b)) return EINVAL;		// dest=a-b;
+ * if (assign(dest,some_int)) return EINVAL;	// dest=some_int;
+ */
+
 /* two important assumptions:
  *   1. the platform is using two's complement
  *   2. there are 8 bits in a byte

test/range.c

@@ -129,6 +129,18 @@ void check_rangeptrbuf() {
     assert(range_str4inbuf(y,sizeof(y),y+5)==1);
     assert(range_str4inbuf(y,sizeof(y),y+6)==0);
   }
+
+  assert(range_ptrinbuf2(buf,buf+sizeof(buf),buf));
+  assert(range_ptrinbuf2(buf+sizeof(buf),buf,buf)==0);
+  assert(range_ptrinbuf2(buf,buf+sizeof(buf),buf+sizeof(buf)-1));
+  assert(range_ptrinbuf2(buf,buf+sizeof(buf),buf+sizeof(buf))==0);
+  assert(range_ptrinbuf2(buf,buf,buf)==0);
+  assert(range_ptrinbuf2(0,buf+100,buf)==0);
+
+  assert(range_validbuf2(buf,buf+100));
+  assert(range_validbuf2(buf,buf-1)==0);
+  assert(range_validbuf2(buf,buf));
+  assert(range_validbuf2(NULL,buf+100)==0);
 }
 
 void check_intof() {
@@ -190,6 +202,14 @@ void check_intof() {
     a=0; assert(sub_of(a,INT_MAX,10)==0 && a==INT_MAX-10);
   }
 
+  {
+    unsigned long long a;
+    /* caveat emptor: */
+    a=0; assert(add_of(a,0xfffffff0,0x10)==1);
+      /* this does NOT work and set a to 0x100000000, just like
+       * a=0xfffffff0+0x10 sets a to 0 in C! */
+  }
+
 }
 
 int main() {

textcode/fmt_ldapescape.c

@@ -7,7 +7,8 @@ size_t fmt_ldapescape(char* dest,const char* src,size_t len) {
   register const unsigned char* s=(const unsigned char*) src;
   size_t written=0,i;
   for (i=0; i<len; ++i) {
-    if (s[i]=='*' || s[i]=='(' || s[i]==')' || s[i]==0 || s[i]=='\\') {
+    if (s[i]=='*' || s[i]=='(' || s[i]==')' || s[i]==0 ||
+	s[i]=='\\' || s[i]<' ') {
       if (dest) {
 	dest[written]='\\';
 	dest[written+1]=fmt_tohex(s[i]>>4);