On Jan 12, 2012, at 8:44 AM, Andy Polyakov wrote:
>>>> ***************************************************
>>>> issue:
>>>> extra warnings in compilation of ca.c and gost_pmeth
>>>>
>>>> solution:
>>>> convert the type to unsigned int before "uppering"
>>> This actually goes beyond just warning. toupper accepts 'int' as
>>> argument and if you pass 'char' from upper half of ASCII table, it will
>>> be passed sign-expanded, and if you pass 'unsigned char', then it will
>>> be passed zero-expanded.
>>
>> See also http://msdn.microsoft.com/en-us/library/ms245348.aspx
>
> "characters outside that range will cause asserts and/or crashes at run
> time."
>
> Crashes? Surely over-dramatized, but to be safe the patch is applied
> even to 1.0.0. Just for reference…
Wouldn't surprise me if their code looked like this:
static int uctable [ 256 ] = { …. };
int toupper ( int val ) {
if ( val == EOF ) return EOF;
return uctable [ val ];
}
Could cause a SEGV if unlucky.
-- Marshall
Marshall Clow Idio Software <mailto:[email protected]>
A.D. 1517: Martin Luther nails his 95 Theses to the church door and is promptly
moderated down to (-1, Flamebait).
-- Yu Suzuki
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
