netbsd-bugs: Re: lib/19638: isalpha (3) bug

Subject: Re: lib/19638: isalpha (3) bug
To: Dave Sainty <dave@dtsp.co.nz>
From: Mike Cheponis <mac@Wireless.Com>
List: netbsd-bugs
Date: 01/02/2003 10:52:49
Thanks for rapid response!


Interesting.  Here is my man page:

$ man isalpha                                                    ~/January.2003
ISALPHA(3)                NetBSD Programmer's Manual                ISALPHA(3)

NAME
     isalpha - alphabetic character test

LIBRARY
     Standard C Library (libc, -lc)

SYNOPSIS
     #include <ctype.h>

     int
     isalpha(int c);

DESCRIPTION
     The isalpha() function tests for any character for which isupper(3) or
     islower(3) is true and for which none of iscntrl(3), isdigit(3),
     ispunct(3), or isspace(3) is true.  In the ``C'' locale, isalpha() re-
     turns true only for the characters for which isupper(3) or islower(3) is
     true.

RETURN VALUES
     The isalpha() macro returns zero if the character tests false and returns
     non-zero if the character tests true.

SEE ALSO
     isalnum(3), isascii(3), isblank(3), iscntrl(3), isdigit(3), isgraph(3),
     islower(3), isprint(3), ispunct(3), isspace(3), isupper(3), isxdigit(3),
     stdio(3), toascii(3), tolower(3), toupper(3), ascii(7)

STANDARDS
     The isalpha() function conforms to ANSI X3.159-1989 (``ANSI C'').

NetBSD 1.6                       June 29, 1991



Still, it seems a gross bug to take an "int" argument and then segfault
when the routine sees an argument it doesn't like.

It's not the "NetBSD Way".

Thanks  -Mike




On Fri, 3 Jan 2003, Dave Sainty wrote:

> Date: Fri, 03 Jan 2003 00:09:05 +1300
> From: Dave Sainty <dave@dtsp.co.nz>
> To: mac@culver.net
> Cc: netbsd-bugs@netbsd.org, dave@dtsp.co.nz
> Subject: Re: lib/19638: isalpha (3) bug
>
> mac@S.Culver.Net writes:
>
> >
> > >Number:         19638
> > >Category:       lib
> > >Synopsis:       isalpha() seg faults with valid input data
> > >Confidential:   no
> > >Severity:       serious
> > >Priority:       high
> > >Responsible:    lib-bug-people
> > >State:          open
> > >Class:          sw-bug
> > >Submitter-Id:   net
> > >Arrival-Date:   Thu Jan 02 01:12:00 PST 2003
> > >Originator:     Mike Cheponis
> > >Release:        NetBSD 1.6
> > >Organization:
> > Architecture: i386
> > Machine: i386
> > >Description:
> > isalpha() seg faults with valid input data, in this case, the first int
> > that causes the seg fault is 81183.  See sample code, below.
> > >How-To-Repeat:
> > #include <stdio.h>
> > #include <stdlib.h>
> > #include <ctype.h>
> >
> > int main()
> > {
> >   int c=81183;
> >   int v;
> >
> >   v = isalpha(c);
> >
> >   return 0;
> > }
>
> 81183 isn't considered valid data.  From the man page:
>
>   CAVEATS
>      The argument to isalpha() must be EOF or representable as an unsigned
>      char; otherwise, the result is undefined.
>
> A seg fault is reasonable undefined behaviour.  The functions do not
> check for out-of-bounds input for reasons of efficiency.
>
> Cheers,
>
> Dave
>