[Fontconfig] fontconfig: Branch 'main'
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Tue Apr 12 03:56:56 UTC 2022
src/fccharset.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
New commits:
commit 7dfde9b736c3405a519b570586a30d36664058af
Author: Taylor R Campbell <campbell+fontconfig at mumble.net>
Date: Thu Apr 7 11:24:35 2022 +0000
Avoid misuse of ctype(3)
The ctype(3) functions take arguments of type int that are either
(a) EOF, or
(b) unsigned char values, {0, 1, 2, ..., 255} if char is 8-bit.
Passing values of type char, on platforms where it is signed, can go
wrong -- negative values may be confused with EOF (typically -1) or
may lead to undefined behaviour ranging in practice from returning
garbage data (possibly out of an adjacent buffer in memory that may
contain secrets) to crashing with SIGSEGV (if the page preceding the
ctype table is unmapped).
The ctype(3) functions can't themselves convert to unsigned char
because then they would give the wrong answers for EOF, for use with
functions like getchar and fgetc; the user has to cast char to
unsigned char.
diff --git a/src/fccharset.c b/src/fccharset.c
index 832649c..cd927d9 100644
--- a/src/fccharset.c
+++ b/src/fccharset.c
@@ -841,14 +841,14 @@ FcNameParseRange (FcChar8 **string, FcChar32 *pfirst, FcChar32 *plast)
char *t;
long first, last;
- while (isspace(*s))
+ while (isspace((unsigned char) *s))
s++;
t = s;
errno = 0;
first = last = strtol (s, &s, 16);
if (errno)
return FcFalse;
- while (isspace(*s))
+ while (isspace((unsigned char) *s))
s++;
if (*s == '-')
{
More information about the Fontconfig
mailing list