Sanitize usage of <ctype.h> functions. It's important that characters
authorAndy Polyakov <appro@openssl.org>
Thu, 12 Jan 2012 16:21:35 +0000 (16:21 +0000)
committerAndy Polyakov <appro@openssl.org>
Thu, 12 Jan 2012 16:21:35 +0000 (16:21 +0000)
are passed zero-extended, not sign-extended.
PR: 2682

apps/ca.c
apps/s_client.c
apps/s_server.c
crypto/asn1/asn_mime.c
engines/ccgost/gost_pmeth.c

index de3122b..1cf50e0 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2561,7 +2561,7 @@ static int get_certificate_status(const char *serial, CA_DB *db)
                        
        /* Make it Upper Case */
        for (i=0; row[DB_serial][i] != '\0'; i++)
-               row[DB_serial][i] = toupper(row[DB_serial][i]);
+               row[DB_serial][i] = toupper((unsigned char)row[DB_serial][i]);
        
 
        ok=1;
index 84ba86e..dbc0700 100644 (file)
@@ -763,7 +763,7 @@ int MAIN(int argc, char **argv)
                        psk_key=*(++argv);
                        for (j = 0; j < strlen(psk_key); j++)
                                 {
-                                if (isxdigit((int)psk_key[j]))
+                                if (isxdigit((unsigned char)psk_key[j]))
                                         continue;
                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
                                 goto bad;
index 961077c..92bd28b 100644 (file)
@@ -1219,7 +1219,7 @@ int MAIN(int argc, char *argv[])
                        psk_key=*(++argv);
                        for (i=0; i<strlen(psk_key); i++)
                                {
-                               if (isxdigit((int)psk_key[i]))
+                               if (isxdigit((unsigned char)psk_key[i]))
                                        continue;
                                BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
                                goto bad;
index c1d1b12..bbc4952 100644 (file)
@@ -801,7 +801,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
        if(name) {
                if(!(tmpname = BUF_strdup(name))) return NULL;
                for(p = tmpname ; *p; p++) {
-                       c = *p;
+                       c = (unsigned char)*p;
                        if(isupper(c)) {
                                c = tolower(c);
                                *p = c;
@@ -811,7 +811,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
        if(value) {
                if(!(tmpval = BUF_strdup(value))) return NULL;
                for(p = tmpval ; *p; p++) {
-                       c = *p;
+                       c = (unsigned char)*p;
                        if(isupper(c)) {
                                c = tolower(c);
                                *p = c;
@@ -835,7 +835,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
                tmpname = BUF_strdup(name);
                if(!tmpname) return 0;
                for(p = tmpname ; *p; p++) {
-                       c = *p;
+                       c = (unsigned char)*p;
                        if(isupper(c)) {
                                c = tolower(c);
                                *p = c;
index caaea99..4a05853 100644 (file)
@@ -123,7 +123,7 @@ static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
                        }
                if (strlen(value) == 1)
                        {
-                       switch(toupper(value[0]))
+                       switch(toupper((unsigned char)value[0]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
@@ -142,9 +142,9 @@ static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
                                        break;
                                }
                        }
-               else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+               else if ((strlen(value) == 2) && (toupper((unsigned char)value[0]) == 'X'))
                        {
-                       switch (toupper(value[1]))
+                       switch (toupper((unsigned char)value[1]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
@@ -198,7 +198,7 @@ static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
                        }
                if (strlen(value) == 1)
                        {
-                       switch(toupper(value[0]))
+                       switch(toupper((unsigned char)value[0]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
@@ -217,9 +217,9 @@ static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
                                        break;
                                }
                        }
-               else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+               else if ((strlen(value) == 2) && (toupper((unsigned char)value[0]) == 'X'))
                        {
-                       switch (toupper(value[1]))
+                       switch (toupper((unsigned char)value[1]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;