security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

* iobuf.c (check_special_filename): Replaced is isdigit by digitp 

to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.
This commit is contained in:
David Shaw 2003-07-10 12:26:42 +00:00
parent d8a6bd3b84
commit 654276143b
4 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
util/ChangeLog
View File

@ -1,3 +1,12 @@
2003-07-10 David Shaw <dshaw@jabberwocky.com> (from Werner on stable branch)
* iobuf.c (check_special_filename): Replaced is isdigit by digitp
to avoid passing negative values and potential locale problems.
Problem noted by Christian Biere.
* strgutil.c (strlwr,strcasecmp,strncasecmp): Make sure we don't
pass a negative value.
* miscutil.c (scan_isodatestr): Ditto.
2003-05-30 David Shaw <dshaw@jabberwocky.com> 2003-05-30 David Shaw <dshaw@jabberwocky.com>
* srv.h, srv.c: Include windows.h with MINGW32. * srv.h, srv.c: Include windows.h with MINGW32.

2
util/iobuf.c
View File

@ -1032,7 +1032,7 @@ check_special_filename ( const char *fname )
int i; int i;
fname += 2; fname += 2;
for (i=0; isdigit (fname[i]); i++ ) for (i=0; digitp (fname+i); i++ )
; ;
if ( !fname[i] ) if ( !fname[i] )
return atoi (fname); return atoi (fname);

8
util/miscutil.c
View File

@ -1,5 +1,5 @@
/* miscutil.c - miscellaneous utilities /* miscutil.c - miscellaneous utilities
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc. * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -56,11 +56,11 @@ scan_isodatestr( const char *string )
if( strlen(string) != 10 || string[4] != '-' || string[7] != '-' ) if( strlen(string) != 10 || string[4] != '-' || string[7] != '-' )
return 0; return 0;
for( i=0; i < 4; i++ ) for( i=0; i < 4; i++ )
if( !isdigit(string[i]) ) if( !digitp(string+i) )
return 0; return 0;
if( !isdigit(string[5]) || !isdigit(string[6]) ) if( !digitp(string+5) || !digitp(string+6) )
return 0; return 0;
if( !isdigit(string[8]) || !isdigit(string[9]) ) if( !digitp(string+8) || !digitp(string+9) )
return 0; return 0;
year = atoi(string); year = atoi(string);
month = atoi(string+5); month = atoi(string+5);

11
util/strgutil.c
View File

@ -1,5 +1,6 @@
/* strgutil.c - string utilities /* strgutil.c - string utilities
* Copyright (C) 1994, 1998, 1999, 2000, 2001 Free Software Foundation, Inc. * Copyright (C) 1994, 1998, 1999, 2000, 2001,
* 2003 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -825,7 +826,7 @@ strlwr(char *s)
{ {
char *p; char *p;
for(p=s; *p; p++ ) for(p=s; *p; p++ )
*p = tolower(*p); *p = tolower(*(unsigned char *)p);
return s; return s;
} }
#endif #endif
@ -835,7 +836,8 @@ int
strcasecmp( const char *a, const char *b ) strcasecmp( const char *a, const char *b )
{ {
for( ; *a && *b; a++, b++ ) { for( ; *a && *b; a++, b++ ) {
if( *a != *b && toupper(*a) != toupper(*b) ) if( *a != *b
&& toupper(*(const byte *)a) != toupper(*(const byte *)b) )
break; break;
} }
return *(const byte*)a - *(const byte*)b; return *(const byte*)a - *(const byte*)b;
@ -847,7 +849,8 @@ int
strncasecmp( const char *a, const char *b, size_t n ) strncasecmp( const char *a, const char *b, size_t n )
{ {
for( ; n && *a && *b; a++, b++, n--) { for( ; n && *a && *b; a++, b++, n--) {
if( *a != *b && toupper(*a) != toupper(*b) ) if( *a != *b
&& toupper(*(const byte *)a) != toupper(*(const byte *)b) )
break; break;
} }
if (!n) if (!n)