From 9a210ca2d50e02bf045866bbb2f44a33a3c48cd9 Mon Sep 17 00:00:00 2001
From: wm4 <wm4@nowhere>
Date: Tue, 1 Jul 2014 23:10:38 +0200
Subject: Audit and replace all ctype.h uses

Something like "char *s = ...; isdigit(s[0]);" triggers undefined
behavior, because char can be signed, and thus s[0] can be a negative
value. The is*() functions require unsigned char _or_ EOF. EOF is a
special value outside of unsigned char range, thus the argument to the
is*() functions can't be a char.

This undefined behavior can actually trigger crashes if the
implementation of these functions e.g. uses lookup tables, which are
then indexed with out-of-range values.

Replace all <ctype.h> uses with our own custom mp_is*() functions added
with misc/ctype.h. As a bonus, these functions are locale-independent.
(Although currently, we _require_ C locale for other reasons.)
---
 player/configfiles.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'player/configfiles.c')

diff --git a/player/configfiles.c b/player/configfiles.c
index dab26b9df2..d1c79c9c9d 100644
--- a/player/configfiles.c
+++ b/player/configfiles.c
@@ -22,7 +22,6 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <unistd.h>
-#include <ctype.h>
 
 #include <libavutil/md5.h>
 
@@ -34,6 +33,7 @@
 #include "common/global.h"
 #include "common/encode.h"
 #include "common/msg.h"
+#include "misc/ctype.h"
 #include "options/path.h"
 #include "options/m_config.h"
 #include "options/parse_configfile.h"
@@ -267,7 +267,7 @@ static bool needs_config_quoting(const char *s)
 {
     for (int i = 0; s && s[i]; i++) {
         unsigned char c = s[i];
-        if (!isprint(c) || isspace(c) || c == '#' || c == '\'' || c == '"')
+        if (!mp_isprint(c) || mp_isspace(c) || c == '#' || c == '\'' || c == '"')
             return true;
     }
     return false;
-- 
cgit v1.2.3