# HG changeset patch
# User Sadrul Habib Chowdhury <imadil@gmail.com>
# Date 1196944000 0
# Node ID 8f82dc5e0b7646fc589eefd0ae491063d3adf9fb
# Parent  f215729af7a76fe79cddc8ee1825e2450870c180
Patch #3848 from Eion Robb: "purple_markup_unescape_entity doesn't escape hexadecimal references", with changes from QuLogic.
Closes #3848.

diff -r f215729af7a7 -r 8f82dc5e0b76 COPYRIGHT
--- a/COPYRIGHT	Thu Dec 06 09:54:04 2007 +0000
+++ b/COPYRIGHT	Thu Dec 06 12:26:40 2007 +0000
@@ -309,6 +309,7 @@
 Tim Ringenbach
 Dennis Ristuccia
 Lee Roach
+Eion Robb
 Rhett Robinson
 Luciano Miguel Ferreira Rocha
 Andrew Rodland
diff -r f215729af7a7 -r 8f82dc5e0b76 libpurple/util.c
--- a/libpurple/util.c	Thu Dec 06 09:54:04 2007 +0000
+++ b/libpurple/util.c	Thu Dec 06 12:26:40 2007 +0000
@@ -921,6 +921,7 @@
 {
 	const char *pln;
 	int len, pound;
+	char temp[2];
 
 	if (!text || *text != '&')
 		return NULL;
@@ -943,8 +944,9 @@
 		pln = "\302\256";      /* or use g_unichar_to_utf8(0xae); */
 	else if(IS_ENTITY("&apos;"))
 		pln = "\'";
-	else if(*(text+1) == '#' && (sscanf(text, "&#%u;", &pound) == 1) &&
-			pound != 0 && *(text+3+(gint)log10(pound)) == ';') {
+	else if(*(text+1) == '#' &&
+			(sscanf(text, "&#%u%1[;]", &pound, temp) == 2 || sscanf(text, "&#x%x%1[;]", &pound, temp) == 2) &&
+			pound != 0) {
 		static char buf[7];
 		int buflen = g_unichar_to_utf8((gunichar)pound, buf);
 		buf[buflen] = '\0';