www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <dgau...@arctic.org>
Subject Re: general/1305: Apache is *very* unprotected against characters with 8bit set
Date Thu, 23 Oct 1997 09:50:00 GMT
The following reply was made to PR general/1305; it has been noted by GNATS.

From: Dean Gaudet <dgaudet@arctic.org>
To: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.pp.ru>
Cc: apbugs@apache.org
Subject: Re: general/1305: Apache is *very* unprotected against characters with 8bit set
Date: Thu, 23 Oct 1997 02:47:42 -0700 (PDT)

 On Thu, 23 Oct 1997, [KOI8-R] =E1=CE=C4=D2=C5=CA =FE=C5=D2=CE=CF=D7 wrote:
 
 > On 23 Oct 1997 dgaudet@hyperreal.org wrote:
 >=20
 > > Adding (unsigned char) casts everywhere introduces more potential bugs
 > > than it is worth (i.e. it hides other potential signed/unsigned issues)=
 =2E
 >=20
 > Hmm, what potential bugs your mean? I see no absolutely no bugs with this
 > cast. Of course I mean not "everywhere" but only in ctype macros.
 > Lots of popular software (like tin-unoff f.e.) already do that.
 
 I just mean in general, any time you add a cast you are defeating the
 C compiler's type protection mechanisms... and they're already weak
 enough to begin with.
 
 > > Any ANSI compiler worth its salt has an option for unsigned chars, gcc
 > > included (-funsigned-char).  Does your patch have other things in it?
 >=20
 > Of course making default char "unsigned" will be a sort of solution, if
 > Apache not essentialy use char as signed in some places. This solution
 > looks too global for me and can cause some prototypes problem...
 
 If Apache assumes char is signed anywhere then that is a bug.  ANSI leaves
 signed/unsigned char up to the compiler implementation.  So we could
 easily be bitten by this on some platforms.
 
 > (unsigned char) cast of ctype macro arg is absolutely safe in any
 > platform.
 
 Consider this:
 
     char *s;
     foo =3D islower((unsigned char)s);
 
 the programmer probably meant to do this:
 
     foo =3D islower((unsigned char)*s);
 
 The cast lets that go through... without a warning.  Seems like a pretty
 silly thing to do, but I assure you that it'll happen if we start
 making (unsigned char) casts all over the place.  Besides, it's difficult
 for us to maintain (unsigned char) as we move forward -- we have to
 remember to add it everywhere.
 
 I think I'd be a lot happier dictating that I18N requires a "good enough"
 C compiler.=20
 
 > > But if you're keen on working on it, that's cool, but it needs
 > > to be investigated across multiple platforms... and you should
 > > join the new-httpd mailing list (via majordomo@apache.org).
 >=20
 > Uh, maybe, but I have no time for another project right now...
 > I prefer to continue discuss issues I touch with anybody who interested
 > without reading yet one mailing list...
 
 understandable :)
 
 Dean
 

Mime
View raw message