Avoid misuse of ctype(3)
The ctype(3) functions take arguments of type int that are either (a) EOF, or (b) unsigned char values, {0, 1, 2, ..., 255} if char is 8-bit. Passing values of type char, on platforms where it is signed, can go wrong -- negative values may be confused with EOF (typically -1) or may lead to undefined behaviour ranging in practice from returning garbage data (possibly out of an adjacent buffer in memory that may contain secrets) to crashing with SIGSEGV (if the page preceding the ctype table is unmapped). The ctype(3) functions can't themselves convert to unsigned char because then they would give the wrong answers for EOF, for use with functions like getchar and fgetc; the user has to cast char to unsigned char.
This commit is contained in:
parent
cf38c54a93
commit
7dfde9b736
|
@ -841,14 +841,14 @@ FcNameParseRange (FcChar8 **string, FcChar32 *pfirst, FcChar32 *plast)
|
||||||
char *t;
|
char *t;
|
||||||
long first, last;
|
long first, last;
|
||||||
|
|
||||||
while (isspace(*s))
|
while (isspace((unsigned char) *s))
|
||||||
s++;
|
s++;
|
||||||
t = s;
|
t = s;
|
||||||
errno = 0;
|
errno = 0;
|
||||||
first = last = strtol (s, &s, 16);
|
first = last = strtol (s, &s, 16);
|
||||||
if (errno)
|
if (errno)
|
||||||
return FcFalse;
|
return FcFalse;
|
||||||
while (isspace(*s))
|
while (isspace((unsigned char) *s))
|
||||||
s++;
|
s++;
|
||||||
if (*s == '-')
|
if (*s == '-')
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue