Non-standard conformant usage of ctype functions

Roumen Petrov openssh at roumenpetrov.info
Wed Jul 8 05:46:54 EST 2009


Corinna Vinschen wrote:
> Hi,
> 
> Per the definitions of the ctype functions in POSIX-1.2008 "the c
> argument is an int, the value of which the application shall ensure is a
> character representable as an unsigned char or equal to the value of the
> macro EOF. If the argument has any other value, the behavior is
> undefined."
> 
> For obvious reasons this results in problems if you use signed char
> variables as parameters in calls to the ctype functions, if you support
> other charsets than ASCII.
> In theory OpenSSH has this problem as well.  With a few exceptions it
> uses (signed) char values throughout in calls to ctype functions like
> isspace.

No idea why is not reported.

> However, given that OpenSSH doesn't call setlocale, the locale is always
> "C" and the chance that the ctype functions return a wrong value is rather
> tiny.  Nevertheless, for the sake of correctness, and to avoid potential
> problems in some later, locale-aware version of OpenSSH, I'd like to
> propose to change all calls of ctype functions in OpenSSH from, for
> instance:
> 
>   if (isupper(c))
>     c = (char)tolower(c);
> 
> to:
> 
>   if (isupper((u_char)c))
>     c = (char)tolower((u_char)c);

I'm using in my X.509 certificate support patch following macro:

#ifndef ISSPACE
#  define ISSPACE(ch) (isspace((int)(unsigned char)(ch)))
#endif

to avoid problem with signed strings(characters). If I remember well 
affected platform is solaris 8(?).
I think that other functions like isalpha, isdigit are impacted too.


> If that's ok with you, I'd create a matching patch.
May be a patch based on macros like ISPACE above, but the question is 
why to patch code if it not reported a issue ?

> Corinna
> 

Roumen


More information about the openssh-unix-dev mailing list