2 files changed, 31 insertions, 18 deletions

diff --git a/common.c b/common.c
index d1d2fe21..76da6eba 100644
--- a/common.c
+++ b/common.c
@@ -917,74 +917,87 @@ wchar_t *unescape( const wchar_t * orig, int unescape_special )
 							break;
 						}
 						
-						case L'X':
 						case L'u':
 						case L'U':
 						case L'x':
-						case L'o':
+						case L'X':
+						case L'0':
+						case L'1':
+						case L'2':
+						case L'3':
+						case L'4':
+						case L'5':
+						case L'6':
+						case L'7':
 						{
 							int i;
-							wchar_t res=0;
+							long long res=0;
 							int chars=2;
 							int base=16;
 							
 							int byte = 0;
+							int max_val = 127;
 							
 							switch( in[in_pos] )
 							{
 								case L'u':
 								{
-									base=16;
 									chars=4;
+									max_val = 35535;
 									break;
 								}
 								
 								case L'U':
 								{
-									base=16;
 									chars=8;
+									max_val = WCHAR_MAX;
 									break;
 								}
 								
 								case L'x':
 								{
-									base=16;
-									chars=2;
 									break;
 								}
 								
 								case L'X':
 								{
 									byte=1;
-									base=16;
-									chars=2;
+									max_val = 255;
 									break;
 								}
 								
-								case L'o':
+								default:
 								{
 									base=8;
 									chars=3;
+									in_pos--;
 									break;
-								}
-								
+								}								
 							}
 					
 							for( i=0; i<chars; i++ )
 							{
 								int d = convert_digit( in[++in_pos],base);
+								
 								if( d < 0 )
 								{
 									in_pos--;
 									break;
 								}
-						
+								
 								res=(res*base)|d;
-						
 							}
-					
-							in[out_pos] = (byte?ENCODE_DIRECT_BASE:0)+res;
-					
+
+							if( (res > 0) && (res <= max_val) )
+							{
+								in[out_pos] = (byte?ENCODE_DIRECT_BASE:0)+res;
+							}
+							else
+							{	
+								free(in);	
+								return 0;
+							}
+							
 							break;
 						}
 
diff --git a/doc_src/doc.hdr b/doc_src/doc.hdr
index 8e31346d..9ceddfc5 100644
--- a/doc_src/doc.hdr
+++ b/doc_src/doc.hdr
@@ -115,7 +115,7 @@ these characters, so called escape sequences are provided. These are:
 - <code>'\\^'</code>, escapes the circumflex character
 - <code>'\\x<i>xx</i>'</code>, where <code><i>xx</i></code> is a hexadecimal number, escapes the ascii character with the specified value
 - <code>'\\X<i>xx</i>'</code>, where <code><i>xx</i></code> is a hexadecimal number, escapes a byte of data with the specified value. If you are using a mutibyte encoding, this can be used to enter invalid strings. Only use this if you know what you are doing.
-- <code>'\\o<i>ooo</i>'</code>, where <code><i>ooo</i></code> is an octal number, escapes the ascii character with the specified value
+- <code>'\\<i>ooo</i>'</code>, where <code><i>ooo</i></code> is an octal number, escapes the ascii character with the specified value
 - <code>'\\u<i>xxxx</i>'</code>, where <code><i>xxxx</i></code> is a hexadecimal number, escapes the 16-bit unicode character with the specified value
 - <code>'\\U<i>xxxxxxxx</i>'</code>, where <code><i>xxxxxxxx</i></code> is a hexadecimal number, escapes the 32-bit unicode character with the specified value