netbsd-bugs: Re: lib/19638: isalpha (3) bug

Subject: Re: lib/19638: isalpha (3) bug
To: None <mac@culver.net>
From: Dave Sainty <dave@dtsp.co.nz>
List: netbsd-bugs
Date: 01/03/2003 00:09:05

mac@S.Culver.Net writes:

> 
> >Number:         19638
> >Category:       lib
> >Synopsis:       isalpha() seg faults with valid input data
> >Confidential:   no
> >Severity:       serious
> >Priority:       high
> >Responsible:    lib-bug-people
> >State:          open
> >Class:          sw-bug
> >Submitter-Id:   net
> >Arrival-Date:   Thu Jan 02 01:12:00 PST 2003
> >Originator:     Mike Cheponis
> >Release:        NetBSD 1.6
> >Organization:
> Architecture: i386
> Machine: i386
> >Description:
> isalpha() seg faults with valid input data, in this case, the first int
> that causes the seg fault is 81183.  See sample code, below.
> >How-To-Repeat:
> #include <stdio.h>
> #include <stdlib.h>
> #include <ctype.h>
> 
> int main()
> {
>   int c=81183;
>   int v;
> 
>   v = isalpha(c);
> 
>   return 0;
> }

81183 isn't considered valid data.  From the man page:

  CAVEATS
     The argument to isalpha() must be EOF or representable as an unsigned
     char; otherwise, the result is undefined.

A seg fault is reasonable undefined behaviour.  The functions do not
check for out-of-bounds input for reasons of efficiency.

Cheers,

Dave