Non-standard conformant usage of ctype functions

Corinna Vinschen vinschen at redhat.com
Tue Jul 7 22:56:28 EST 2009


Hi,

Per the definitions of the ctype functions in POSIX-1.2008 "the c
argument is an int, the value of which the application shall ensure is a
character representable as an unsigned char or equal to the value of the
macro EOF. If the argument has any other value, the behavior is
undefined."

For obvious reasons this results in problems if you use signed char
variables as parameters in calls to the ctype functions, if you support
other charsets than ASCII.
In theory OpenSSH has this problem as well.  With a few exceptions it
uses (signed) char values throughout in calls to ctype functions like
isspace.

However, given that OpenSSH doesn't call setlocale, the locale is always
"C" and the chance that the ctype functions return a wrong value is rather
tiny.  Nevertheless, for the sake of correctness, and to avoid potential
problems in some later, locale-aware version of OpenSSH, I'd like to
propose to change all calls of ctype functions in OpenSSH from, for
instance:

  if (isupper(c))
    c = (char)tolower(c);

to:

  if (isupper((u_char)c))
    c = (char)tolower((u_char)c);

If that's ok with you, I'd create a matching patch.


Corinna

-- 
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat


More information about the openssh-unix-dev mailing list