From 9a210ca2d50e02bf045866bbb2f44a33a3c48cd9 Mon Sep 17 00:00:00 2001
From: wm4 <wm4@nowhere>
Date: Tue, 1 Jul 2014 23:10:38 +0200
Subject: Audit and replace all ctype.h uses

Something like "char *s = ...; isdigit(s[0]);" triggers undefined
behavior, because char can be signed, and thus s[0] can be a negative
value. The is*() functions require unsigned char _or_ EOF. EOF is a
special value outside of unsigned char range, thus the argument to the
is*() functions can't be a char.

This undefined behavior can actually trigger crashes if the
implementation of these functions e.g. uses lookup tables, which are
then indexed with out-of-range values.

Replace all <ctype.h> uses with our own custom mp_is*() functions added
with misc/ctype.h. As a bonus, these functions are locale-independent.
(Although currently, we _require_ C locale for other reasons.)
---
 player/configfiles.c         | 4 ++--
 player/main.c                | 1 -
 player/timeline/tl_cue.c     | 1 -
 player/timeline/tl_mpv_edl.c | 1 -
 4 files changed, 2 insertions(+), 5 deletions(-)

(limited to 'player')

diff --git a/player/configfiles.c b/player/configfiles.c
index dab26b9df2..d1c79c9c9d 100644
--- a/player/configfiles.c
+++ b/player/configfiles.c
@@ -22,7 +22,6 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <unistd.h>
-#include <ctype.h>
 
 #include <libavutil/md5.h>
 
@@ -34,6 +33,7 @@
 #include "common/global.h"
 #include "common/encode.h"
 #include "common/msg.h"
+#include "misc/ctype.h"
 #include "options/path.h"
 #include "options/m_config.h"
 #include "options/parse_configfile.h"
@@ -267,7 +267,7 @@ static bool needs_config_quoting(const char *s)
 {
     for (int i = 0; s && s[i]; i++) {
         unsigned char c = s[i];
-        if (!isprint(c) || isspace(c) || c == '#' || c == '\'' || c == '"')
+        if (!mp_isprint(c) || mp_isspace(c) || c == '#' || c == '\'' || c == '"')
             return true;
     }
     return false;
diff --git a/player/main.c b/player/main.c
index 0a18df1a4e..aebfa06fb1 100644
--- a/player/main.c
+++ b/player/main.c
@@ -21,7 +21,6 @@
 #include <stdbool.h>
 #include <math.h>
 #include <assert.h>
-#include <ctype.h>
 #include <string.h>
 #include <pthread.h>
 
diff --git a/player/timeline/tl_cue.c b/player/timeline/tl_cue.c
index 6731ab4058..d5e8b08164 100644
--- a/player/timeline/tl_cue.c
+++ b/player/timeline/tl_cue.c
@@ -20,7 +20,6 @@
 #include <stdlib.h>
 #include <stdbool.h>
 #include <inttypes.h>
-#include <ctype.h>
 
 #include "talloc.h"
 
diff --git a/player/timeline/tl_mpv_edl.c b/player/timeline/tl_mpv_edl.c
index aba9738d53..78fc8b7cdc 100644
--- a/player/timeline/tl_mpv_edl.c
+++ b/player/timeline/tl_mpv_edl.c
@@ -19,7 +19,6 @@
 #include <stdlib.h>
 #include <stdbool.h>
 #include <inttypes.h>
-#include <ctype.h>
 #include <math.h>
 
 #include "talloc.h"
-- 
cgit v1.2.3