Date: Fri, 06 Apr 2001 12:34:44 +1000 From: Peter Jeremy <peter.jeremy@alcatel.com.au> To: Matt Dillon <dillon@earth.backplane.com> Cc: Brian Somers <brian@Awfulhak.org>, security@FreeBSD.ORG Subject: Re: ntpd patch Message-ID: <20010406123444.F66243@gsmx07.alcatel.com.au> In-Reply-To: <200104060056.f360uCN35967@earth.backplane.com>; from dillon@earth.backplane.com on Thu, Apr 05, 2001 at 05:56:12PM -0700 References: <200104060033.f360XfP03505@hak.lan.Awfulhak.org> <200104060056.f360uCN35967@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2001-Apr-05 17:56:12 -0700, Matt Dillon <dillon@earth.backplane.com> wrote: > The cast to unsigned char simply ensures that when the character is > expanded to an integer in the procedure call, it is not converted > into a negative number. > > Now, I don't think FreeBSD cares about this at all. Having looked at the actual macro expansions a day or so ago... If you pass a negative number to any of the isXXX() macros, you get a result of 0. This means that it is safe to pass a char to isXXX(), but the result may be incorrect for locale's other than `c'. The domain of isXXX() is restricted to values representable as unsigned char and EOF - ie [-1..255] for most implementations. Traditionally, isXXX() was commonly implemented as: extern some_int_type _ctype[257]; #define isXXX(c) (_ctype[(c)+1] & _CTYPE_XXX) which is undefined for values outside the allowable domain. FreeBSD adds range checking and returns 0 instead of de-referencing random memory in this case. FreeBSD also has some inline function wrappers so that the "char used as a subscript" warning is masked (which is probably unfortunate in this case). > This is just common sense, really. How generic do we want the code > to be? It certainly doesn't hurt. In this case, there's no reason not to do it correctly - which means using something like "isspace((unsigned char)(*(tp-1)))". (My preference would be "isspace((unsigned char)tp[-1])", but that is just cosmetic). Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010406123444.F66243>