https://bugs.openldap.org/show_bug.cgi?id=9668
Howard Chu <hyc(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |TEST
Status|UNCONFIRMED |RESOLVED
--- Comment #1 from Howard Chu <hyc(a)openldap.org> ---
(In reply to roland.illig from comment #0)
tls2.c says:
> isdigit( *c )
This invokes undefined behavior if someone manages to pass a non-ASCII
character.
Thanks, fixed in git master.
Depending on the platform, the process may crash
BSD-derived libc's have always handled negative values here.
or wrongly
classify the host name as either numeric or non-numeric.
Wrongly classifying is clearly not possible, as non-ASCII chars
are all non-digits.
While here, I noticed that both sni and c have type 'char *',
but they
should rather be 'const char *'. Was there a specific reason to suggest to
the reader the host name would be modifiable?
No reason.
--
You are receiving this mail because:
You are on the CC list for the issue.