Posted to commits@mynewt.apache.org by je...@apache.org on 2021/04/26 09:24:20 UTC

[mynewt-core] branch master updated: ctype: Fix undefined behavior in ctype.h usage

This is an automated email from the ASF dual-hosted git repository.

jerzy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-core.git


The following commit(s) were added to refs/heads/master by this push:
     new 78b75fb  ctype: Fix undefined behavior in ctype.h usage
78b75fb is described below

commit 78b75fb517adcad511906a9fe96d20da61485ec0
Author: Jerzy Kasenberg <je...@codecoup.pl>
AuthorDate: Sun Apr 18 13:48:34 2021 +0200

    ctype: Fix undefined behavior in ctype.h usage
    
    Although ctype.h functions/macros like isalpha, isdigit etc.
    take an int argument, behaviour is undefined if the value
    passed to them is not in the range of unsigned char or EOF.
    If the implementation chooses to use a simple macro that accesses
    a table indexed by the argument, and the argument is negative, as it
    can be when a char is cast to int (as was the case in some places),
    the result would be unpredictable.
    In most cases the argument to ctype.h-defined functions was correctly
    cast to unsigned (json/lwip and many other places).
    
    This updates places that could be prone to this problem with
    a cast to (unsigned char).
    For the baselibc implementation it makes no difference, but
    if some other libc was chosen it could lead to potential
    problems (warnings at build time or unpredictable behavior).
    Line from a build against a non-baselibc implementation of ctype.h:
    error: array subscript has type 'char' [-Werror=char-subscripts]
---
 encoding/base64/src/hex.c                      | 2 +-
 encoding/json/src/json_decode.c                | 2 +-
 hw/drivers/uart/uart_hal/src/uart_hal.c        | 2 +-
 net/ip/mn_socket/src/mn_socket_aconv.c         | 2 +-
 net/oic/src/api/oc_uuid.c                      | 2 +-
 sys/console/full/history_log/src/history_log.c | 6 +++---
 sys/log/full/src/log_shell.c                   | 2 +-
 time/datetime/src/datetime.c                   | 4 ++--
 8 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/encoding/base64/src/hex.c b/encoding/base64/src/hex.c
index 0ff3209..4c91acf 100644
--- a/encoding/base64/src/hex.c
+++ b/encoding/base64/src/hex.c
@@ -80,7 +80,7 @@ hex_parse(const char *src, int src_len, void *dst_v, int dst_len)
     }
     for (i = 0; i < src_len; i++, src++) {
         c = *src;
-        if (isdigit((int) c)) {
+        if (isdigit((unsigned char)c)) {
             c -= '0';
         } else if (c >= 'a' && c <= 'f') {
             c -= ('a' - 10);
diff --git a/encoding/json/src/json_decode.c b/encoding/json/src/json_decode.c
index 81df9de..e56778f 100644
--- a/encoding/json/src/json_decode.c
+++ b/encoding/json/src/json_decode.c
@@ -86,7 +86,7 @@ json_skip_ws(struct json_buffer *jb)
 
     do {
         c = jb->jb_read_next(jb);
-    } while (isspace((int) c));
+    } while (isspace((unsigned char) c));
 
     jb->jb_read_prev(jb);
 }
diff --git a/hw/drivers/uart/uart_hal/src/uart_hal.c b/hw/drivers/uart/uart_hal/src/uart_hal.c
index 1ff094e..0e7c027 100644
--- a/hw/drivers/uart/uart_hal/src/uart_hal.c
+++ b/hw/drivers/uart/uart_hal/src/uart_hal.c
@@ -178,7 +178,7 @@ uart_hal_init(struct os_dev *odev, void *arg)
     dev = (struct uart_dev *)odev;
 
     ch = odev->od_name[strlen(odev->od_name) - 1];
-    if (!isdigit((int) ch)) {
+    if (!isdigit((unsigned char)ch)) {
         return OS_EINVAL;
     }
     uart_hal_dev_set_id(dev, ch - '0');
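Review bot: The index `strlen(odev->od_name) - 1` on the line above the changed check wraps to SIZE_MAX when od_name is an empty string, so `ch` is read from outside the name before isdigit() ever sees it. The cast fixes the ctype argument but not that read; a guard such as `size_t n = strlen(odev->od_name); if (n == 0) { return OS_EINVAL; }` followed by `ch = odev->od_name[n - 1];` would close it. Whether an empty device name can reach uart_hal_init is not visible here, and the function begins and continues outside the hunk.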
diff --git a/net/ip/mn_socket/src/mn_socket_aconv.c b/net/ip/mn_socket/src/mn_socket_aconv.c
index 9609116..e8e44bc 100644
--- a/net/ip/mn_socket/src/mn_socket_aconv.c
+++ b/net/ip/mn_socket/src/mn_socket_aconv.c
@@ -224,7 +224,7 @@ mn_inet_pton(int af, const char *src, void *dst)
             if (cnt > 4) {
                 return 0;
             }
-            if (isdigit(*ch_src)) {
+            if (isdigit((unsigned char)*ch_src)) {
                 val = val * 10 + *ch_src - '0';
                 if (val > 255) {
                     return 0;
diff --git a/net/oic/src/api/oc_uuid.c b/net/oic/src/api/oc_uuid.c
index 7e13db0..4c35245 100644
--- a/net/oic/src/api/oc_uuid.c
+++ b/net/oic/src/api/oc_uuid.c
@@ -34,7 +34,7 @@ oc_str_to_uuid(const char *str, oc_uuid_t *uuid)
   for (i = 0; i < strlen(str); i++) {
     if (str[i] == '-')
       continue;
-    else if (isalpha((int)str[i])) {
+    else if (isalpha((unsigned char)str[i])) {
       switch (str[i]) {
       case 65:
       case 97:
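Review bot: The `isalpha` gate admits every letter, not only the hex digits a–f, and the switch it guards is keyed on bare ASCII codes (`case 65:`, `case 97:`), which hides which letters are actually handled. Writing the labels as `case 'A': case 'a':` would make the accepted set readable. The rest of the switch lies outside this hunk, so it should be checked for a `default:` that rejects g–z; without one, a malformed string would presumably yield a UUID that does not match the text rather than a detectable failure.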
diff --git a/sys/console/full/history_log/src/history_log.c b/sys/console/full/history_log/src/history_log.c
index aceecaf..531bffd 100644
--- a/sys/console/full/history_log/src/history_log.c
+++ b/sys/console/full/history_log/src/history_log.c
@@ -140,9 +140,9 @@ console_history_add_to_cache(const char *line)
     }
 
     /* Trim from spaces */
-    while (isspace(*line)) {
+    while (isspace((unsigned char)*line)) {
         line++;
-    };
+    }
 
     len = strlen(line);
     if (len == 0) {
@@ -153,7 +153,7 @@ console_history_add_to_cache(const char *line)
      * Trim trailing spaces. It does not touch input buffer, it just
      * corrects len variable.
      */
-    while (isspace(line[len - 1])) {
+    while (isspace((unsigned char)line[len - 1])) {
         len--;
     }
 
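Review bot: The trailing-trim loop `while (isspace((unsigned char)line[len - 1]))` has no lower bound on `len`; it stops only because the leading trim in the previous hunk leaves a non-space character at `line[0]`, assuming the `len == 0` branch there returns (its body is outside the hunks). That dependency deserves a comment, e.g. `/* line[0] is non-space after the leading trim, so len stays >= 1 */`, or an explicit guard `while (len > 0 && isspace((unsigned char)line[len - 1]))` so the loop cannot index before the buffer if the leading trim is ever changed.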
diff --git a/sys/log/full/src/log_shell.c b/sys/log/full/src/log_shell.c
index 6ceae56..716ae86 100644
--- a/sys/log/full/src/log_shell.c
+++ b/sys/log/full/src/log_shell.c
@@ -117,7 +117,7 @@ shell_log_dump_cmd(int argc, char **argv)
             list_only = true;
             break;
         }
-        if (isdigit(argv[i][0])) {
+        if (isdigit((unsigned char)argv[i][0])) {
             log_limit = parse_ll_bounds(argv[i], 1, 1000000, &rc);
         } else {
             log_name = argv[i];
diff --git a/time/datetime/src/datetime.c b/time/datetime/src/datetime.c
index bc56940..f627b81 100644
--- a/time/datetime/src/datetime.c
+++ b/time/datetime/src/datetime.c
@@ -205,7 +205,7 @@ parse_number(const char *str, int digits, int *val)
     cp = str;
     end = str + digits;
     while (cp < end) {
-        if (!isdigit((int) *cp)) {
+        if (!isdigit((unsigned char)*cp)) {
             return (NULL);
         }
         *val *= 10;
@@ -271,7 +271,7 @@ datetime_parse(const char *input, struct os_timeval *tv, struct os_timezone *tz)
     /* parse fractional seconds if specified */
     if (*cp == '.') {
         ep = ++cp;
-        while (isdigit((int) *ep)) {
+        while (isdigit((unsigned char)*ep)) {
             ep++;
         }
         digits = ep - cp;