[Issue 9668] New: undefined behavior for isdigit in tls2.c

6 Sep 2021


      https://bugs.openldap.org/show_bug.cgi?id=9668
Issue ID: 9668
           Summary: undefined behavior for isdigit in tls2.c
           Product: OpenLDAP
           Version: unspecified
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: ---
         Component: libraries
          Assignee: bugs@openldap.org
          Reporter: roland.illig@gmx.de
  Target Milestone: ---
tls2.c says:
...
isdigit( *c )
This invokes undefined behavior if someone manages to pass a non-ASCII
character. Depending on the platform, the process may crash or wrongly classify
the host name as either numeric or non-numeric.
While here, I noticed that both sni and c have type 'char *', but they should
rather be 'const char *'. Was there a specific reason to suggest to the reader
the host name would be modifiable?
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 9668] New: undefined behavior for isdigit in tls2.c