Sanitize usage of <ctype.h> functions. It's important that characters

are passed zero-extended, not sign-extended.
PR: 2682

diff --git a/apps/ca.c b/apps/ca.c
index de3122b7ec2e2e9604f5e6a1b0721a1c92a30a96..1cf50e00294d6355b99591c0b2ce6bdfdcf42df6 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -2561,7 +2561,7 @@ static int get_certificate_status(const char *serial, CA_DB *db)
                        
        /* Make it Upper Case */
        for (i=0; row[DB_serial][i] != '\0'; i++)
-               row[DB_serial][i] = toupper(row[DB_serial][i]);
+               row[DB_serial][i] = toupper((unsigned char)row[DB_serial][i]);
        
 
        ok=1;

diff --git a/apps/s_client.c b/apps/s_client.c
index 84ba86e945293c9faa7e71c60e812bd431fd7d76..dbc0700ded2fc9da4d4210a2fe06f0de4dc84752 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -763,7 +763,7 @@ int MAIN(int argc, char **argv)
                        psk_key=*(++argv);
                        for (j = 0; j < strlen(psk_key); j++)
                                 {
-                                if (isxdigit((int)psk_key[j]))
+                                if (isxdigit((unsigned char)psk_key[j]))
                                         continue;
                                 BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
                                 goto bad;

diff --git a/apps/s_server.c b/apps/s_server.c
index 961077c36fcf7cc90dd60ecea0651dfeb840ebfa..92bd28b8e388febca45cf75fc091403366fe1e35 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1219,7 +1219,7 @@ int MAIN(int argc, char *argv[])
                        psk_key=*(++argv);
                        for (i=0; i<strlen(psk_key); i++)
                                {
-                               if (isxdigit((int)psk_key[i]))
+                               if (isxdigit((unsigned char)psk_key[i]))
                                        continue;
                                BIO_printf(bio_err,"Not a hex number '%s'\n",*argv);
                                goto bad;

diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c
index c1d1b12291c4b99a9043cbf1771ef3c2b4291f22..bbc4952918debe43691c2dfa53965083e61bd50c 100644 (file)
--- a/crypto/asn1/asn_mime.c
+++ b/crypto/asn1/asn_mime.c
@@ -801,7 +801,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
        if(name) {
                if(!(tmpname = BUF_strdup(name))) return NULL;
                for(p = tmpname ; *p; p++) {
-                       c = *p;
+                       c = (unsigned char)*p;
                        if(isupper(c)) {
                                c = tolower(c);
                                *p = c;
@@ -811,7 +811,7 @@ static MIME_HEADER *mime_hdr_new(char *name, char *value)
        if(value) {
                if(!(tmpval = BUF_strdup(value))) return NULL;
                for(p = tmpval ; *p; p++) {
-                       c = *p;
+                       c = (unsigned char)*p;
                        if(isupper(c)) {
                                c = tolower(c);
                                *p = c;
@@ -835,7 +835,7 @@ static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
                tmpname = BUF_strdup(name);
                if(!tmpname) return 0;
                for(p = tmpname ; *p; p++) {
-                       c = *p;
+                       c = (unsigned char)*p;
                        if(isupper(c)) {
                                c = tolower(c);
                                *p = c;

diff --git a/engines/ccgost/gost_pmeth.c b/engines/ccgost/gost_pmeth.c
index caaea99d360b4753083c0a33343eea840f441d1f..4a05853e55e956f3bc504afb1a534d3968e86c5e 100644 (file)
--- a/engines/ccgost/gost_pmeth.c
+++ b/engines/ccgost/gost_pmeth.c
@@ -123,7 +123,7 @@ static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
                        }
                if (strlen(value) == 1)
                        {
-                       switch(toupper(value[0]))
+                       switch(toupper((unsigned char)value[0]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
@@ -142,9 +142,9 @@ static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
                                        break;
                                }
                        }
-               else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+               else if ((strlen(value) == 2) && (toupper((unsigned char)value[0]) == 'X'))
                        {
-                       switch (toupper(value[1]))
+                       switch (toupper((unsigned char)value[1]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
@@ -198,7 +198,7 @@ static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
                        }
                if (strlen(value) == 1)
                        {
-                       switch(toupper(value[0]))
+                       switch(toupper((unsigned char)value[0]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
@@ -217,9 +217,9 @@ static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
                                        break;
                                }
                        }
-               else if ((strlen(value) == 2) && (toupper(value[0]) == 'X'))
+               else if ((strlen(value) == 2) && (toupper((unsigned char)value[0]) == 'X'))
                        {
-                       switch (toupper(value[1]))
+                       switch (toupper((unsigned char)value[1]))
                                {
                                case 'A':
                                        param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;