Re: undefined behavior in builtin/am.c

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 01.07.2022 um 19:53 schrieb Jeff King:
On Fri, Jul 01, 2022 at 07:03:18PM +0200, Roland Illig wrote:

The macro 'isspace' must only be called with an integer representable as
an 'unsigned char', or with the value of the macro EOF.

On platforms where plain 'char' is a signed integer type, any character
whose value is negative invokes undefined behavior (except for the one
character that by coincidence has the same value as the macro EOF).

To fix this, write '!isspace((unsigned char)*str)' instead.

I have no idea how to trigger this part of the code but for someone who
knows this part of Git, it should be easy. Depending on the platform,
this kind of error may be silently ignored or crash the program, as
always with undefined behavior.

We don't use the system isspace(), but instead our own macro wrappers in
git-compat-util.h. They do the cast to unsigned char themselves.

Thanks for the explanation, good to know that there's no problem. :)

Roland




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux