* [Bug bzip2/28283] New: undefined behavior for isdigit and isspace
@ 2021-08-27 17:31 roland.illig at gmx dot de
2022-12-27 12:34 ` [Bug bzip2/28283] " pmqs at outlook dot com
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: roland.illig at gmx dot de @ 2021-08-27 17:31 UTC (permalink / raw)
To: bzip2-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28283
Bug ID: 28283
Summary: undefined behavior for isdigit and isspace
Product: bzip2
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: bzip2
Assignee: nobody at sourceware dot org
Reporter: roland.illig at gmx dot de
CC: bzip2-devel at sourceware dot org
Target Milestone: ---
The functions from <ctype.h> take an int as parameter. The value of this
parameter must "either be representable as an unsigned char or be the value of
the macro EOF".
The functions addFlagsFromEnvVar and bzopen_or_bzdopen wrongly cast the
argument to Int32, the correct type is UChar. After a direct cast to Int32, the
argument may still be negative, which makes that cast wrong.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug bzip2/28283] undefined behavior for isdigit and isspace
2021-08-27 17:31 [Bug bzip2/28283] New: undefined behavior for isdigit and isspace roland.illig at gmx dot de
@ 2022-12-27 12:34 ` pmqs at outlook dot com
2022-12-27 17:24 ` mark at klomp dot org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: pmqs at outlook dot com @ 2022-12-27 12:34 UTC (permalink / raw)
To: bzip2-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28283
Paul Marquess <pmqs at outlook dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |pmqs at outlook dot com
--- Comment #1 from Paul Marquess <pmqs at outlook dot com> ---
This issue has been reported downstream in the Perl sources, which include a
sub-set of the bzip2 source. Believe that OpenBSD is a candidate for this issue
causing a problem.
Also, see
https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
for details on a coding standard that mentions the isdigit issue.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug bzip2/28283] undefined behavior for isdigit and isspace
2021-08-27 17:31 [Bug bzip2/28283] New: undefined behavior for isdigit and isspace roland.illig at gmx dot de
2022-12-27 12:34 ` [Bug bzip2/28283] " pmqs at outlook dot com
@ 2022-12-27 17:24 ` mark at klomp dot org
2024-04-09 13:31 ` email at arsoftware dot net.br
2024-04-09 19:19 ` mark at klomp dot org
3 siblings, 0 replies; 5+ messages in thread
From: mark at klomp dot org @ 2022-12-27 17:24 UTC (permalink / raw)
To: bzip2-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28283
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mark at klomp dot org
--- Comment #2 from Mark Wielaard <mark at klomp dot org> ---
So both cases the chars tested are user supplied and could in theory be signed
chars. So casting to Int32 or int could create negative values. Which isspace
and isdigit don't handle. Proposed patch:
diff --git a/bzip2.c b/bzip2.c
index 1538faf..9ef7536 100644
--- a/bzip2.c
+++ b/bzip2.c
@@ -1767,8 +1767,8 @@ void addFlagsFromEnvVar ( Cell** argList, Char* varName )
if (p[i] == 0) break;
p += i;
i = 0;
- while (isspace((Int32)(p[0]))) p++;
- while (p[i] != 0 && !isspace((Int32)(p[i]))) i++;
+ while (isspace((UChar)(p[0]))) p++;
+ while (p[i] != 0 && !isspace((UChar)(p[i]))) i++;
if (i > 0) {
k = i; if (k > FILE_NAME_LEN-10) k = FILE_NAME_LEN-10;
for (j = 0; j < k; j++) tmpName[j] = p[j];
diff --git a/bzlib.c b/bzlib.c
index 2178655..100873c 100644
--- a/bzlib.c
+++ b/bzlib.c
@@ -1408,7 +1408,7 @@ BZFILE * bzopen_or_bzdopen
case 's':
smallMode = 1; break;
default:
- if (isdigit((int)(*mode))) {
+ if (isdigit((unsigned char)(*mode))) {
blockSize100k = *mode-BZ_HDR_0;
}
}
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug bzip2/28283] undefined behavior for isdigit and isspace
2021-08-27 17:31 [Bug bzip2/28283] New: undefined behavior for isdigit and isspace roland.illig at gmx dot de
2022-12-27 12:34 ` [Bug bzip2/28283] " pmqs at outlook dot com
2022-12-27 17:24 ` mark at klomp dot org
@ 2024-04-09 13:31 ` email at arsoftware dot net.br
2024-04-09 19:19 ` mark at klomp dot org
3 siblings, 0 replies; 5+ messages in thread
From: email at arsoftware dot net.br @ 2024-04-09 13:31 UTC (permalink / raw)
To: bzip2-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28283
--- Comment #3 from email at arsoftware dot net.br ---
Em 2022-12-27 14:24, mark at klomp dot org via Bzip2-devel escreveu:
> https://sourceware.org/bugzilla/show_bug.cgi?id=28283
>
> Mark Wielaard <mark at klomp dot org> changed:
>
> What |Removed |Added
> ----------------------------------------------------------------------------
> CC| |mark at klomp dot org
>
> --- Comment #2 from Mark Wielaard <mark at klomp dot org> ---
> So both cases the chars tested are user supplied and could in theory be
> signed
> chars. So casting to Int32 or int could create negative values. Which
> isspace
> and isdigit don't handle. Proposed patch:
>
> diff --git a/bzip2.c b/bzip2.c
> index 1538faf..9ef7536 100644
> --- a/bzip2.c
> +++ b/bzip2.c
> @@ -1767,8 +1767,8 @@ void addFlagsFromEnvVar ( Cell** argList, Char*
> varName )
> if (p[i] == 0) break;
> p += i;
> i = 0;
> - while (isspace((Int32)(p[0]))) p++;
> - while (p[i] != 0 && !isspace((Int32)(p[i]))) i++;
> + while (isspace((UChar)(p[0]))) p++;
> + while (p[i] != 0 && !isspace((UChar)(p[i]))) i++;
> if (i > 0) {
> k = i; if (k > FILE_NAME_LEN-10) k = FILE_NAME_LEN-10;
> for (j = 0; j < k; j++) tmpName[j] = p[j];
> diff --git a/bzlib.c b/bzlib.c
> index 2178655..100873c 100644
> --- a/bzlib.c
> +++ b/bzlib.c
> @@ -1408,7 +1408,7 @@ BZFILE * bzopen_or_bzdopen
> case 's':
> smallMode = 1; break;
> default:
> - if (isdigit((int)(*mode))) {
> + if (isdigit((unsigned char)(*mode))) {
> blockSize100k = *mode-BZ_HDR_0;
> }
> }
yes, I agree
ric
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug bzip2/28283] undefined behavior for isdigit and isspace
2021-08-27 17:31 [Bug bzip2/28283] New: undefined behavior for isdigit and isspace roland.illig at gmx dot de
` (2 preceding siblings ...)
2024-04-09 13:31 ` email at arsoftware dot net.br
@ 2024-04-09 19:19 ` mark at klomp dot org
3 siblings, 0 replies; 5+ messages in thread
From: mark at klomp dot org @ 2024-04-09 19:19 UTC (permalink / raw)
To: bzip2-devel
https://sourceware.org/bugzilla/show_bug.cgi?id=28283
Mark Wielaard <mark at klomp dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |FIXED
--- Comment #4 from Mark Wielaard <mark at klomp dot org> ---
commit fbc4b11da543753b3b803e5546f56e26ec90c2a7
Author: Mark Wielaard <mjw@redhat.com>
Date: Tue Apr 9 21:11:02 2024 +0200
Make sure to call isdigit and isspace with unsigned char
Casting to Int32 or int could create negative values. Which isspace
and isdigit don't handle. SEI CERT C Coding Standard STR37-C.
Resolve by casting to UChar or unsigned char instead of Int32 or int.
https://sourceware.org/bugzilla/show_bug.cgi?id=28283
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2024-04-09 19:19 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-27 17:31 [Bug bzip2/28283] New: undefined behavior for isdigit and isspace roland.illig at gmx dot de
2022-12-27 12:34 ` [Bug bzip2/28283] " pmqs at outlook dot com
2022-12-27 17:24 ` mark at klomp dot org
2024-04-09 13:31 ` email at arsoftware dot net.br
2024-04-09 19:19 ` mark at klomp dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).