pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/devel/nss
Module Name: pkgsrc
Committed By: riastradh
Date: Thu Apr 7 19:08:40 UTC 2022
Modified Files:
pkgsrc/devel/nss: Makefile distinfo
pkgsrc/devel/nss/patches: patch-nss_lib_util_utilpars.c
Added Files:
pkgsrc/devel/nss/patches: patch-nss_cmd_certutil_certutil.c
patch-nss_cmd_fipstest_fipstest.c
patch-nss_cmd_pk11gcmtest_pk11gcmtest.c
patch-nss_cmd_signtool_certgen.c patch-nss_cmd_signtool_util.c
patch-nss_lib_certdb_alg1485.c patch-nss_lib_certdb_certdb.c
patch-nss_lib_dbm_src_mktemp.c patch-nss_lib_nss_nssinit.c
patch-nss_lib_softoken_legacydb_lowcert.c
patch-nss_lib_util_oidstring.c patch-nss_lib_util_portreg.c
Log Message:
devel/nss: Patch ctype(3) abuse.
To generate a diff of this commit:
cvs rdiff -u -r1.225 -r1.226 pkgsrc/devel/nss/Makefile
cvs rdiff -u -r1.149 -r1.150 pkgsrc/devel/nss/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/devel/nss/patches/patch-nss_cmd_certutil_certutil.c \
pkgsrc/devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c \
pkgsrc/devel/nss/patches/patch-nss_cmd_pk11gcmtest_pk11gcmtest.c \
pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_certgen.c \
pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_util.c \
pkgsrc/devel/nss/patches/patch-nss_lib_certdb_alg1485.c \
pkgsrc/devel/nss/patches/patch-nss_lib_certdb_certdb.c \
pkgsrc/devel/nss/patches/patch-nss_lib_dbm_src_mktemp.c \
pkgsrc/devel/nss/patches/patch-nss_lib_nss_nssinit.c \
pkgsrc/devel/nss/patches/patch-nss_lib_softoken_legacydb_lowcert.c \
pkgsrc/devel/nss/patches/patch-nss_lib_util_oidstring.c \
pkgsrc/devel/nss/patches/patch-nss_lib_util_portreg.c
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/devel/nss/patches/patch-nss_lib_util_utilpars.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/devel/nss/Makefile
diff -u pkgsrc/devel/nss/Makefile:1.225 pkgsrc/devel/nss/Makefile:1.226
--- pkgsrc/devel/nss/Makefile:1.225 Tue Apr 5 10:05:43 2022
+++ pkgsrc/devel/nss/Makefile Thu Apr 7 19:08:40 2022
@@ -1,10 +1,11 @@
-# $NetBSD: Makefile,v 1.225 2022/04/05 10:05:43 riastradh Exp $
+# $NetBSD: Makefile,v 1.226 2022/04/07 19:08:40 riastradh Exp $
#
# release notes
# https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
DISTNAME= nss-${NSS_RELEASE:S/.0$//}
NSS_RELEASE= 3.77.0
+PKGREVISION= 1
CATEGORIES= devel security
MASTER_SITES= ${MASTER_SITE_MOZILLA_ALL:=security/nss/releases/NSS_${NSS_DIST_DIR_VERSION:S/_0$//}_RTM/src/}
Index: pkgsrc/devel/nss/distinfo
diff -u pkgsrc/devel/nss/distinfo:1.149 pkgsrc/devel/nss/distinfo:1.150
--- pkgsrc/devel/nss/distinfo:1.149 Thu Mar 31 18:10:52 2022
+++ pkgsrc/devel/nss/distinfo Thu Apr 7 19:08:40 2022
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.149 2022/03/31 18:10:52 wiz Exp $
+$NetBSD: distinfo,v 1.150 2022/04/07 19:08:40 riastradh Exp $
BLAKE2s (nss-3.77.tar.gz) = 3565c858677fbccb6b773125b34e2e8cb3e83b45bdd68f05ebfa12c32af11d8e
SHA512 (nss-3.77.tar.gz) = bd62eeb8f90ecd2d3999fd78fea6652736c02a6530f29e98d0cad0707f3b901b30409132eb6a6d53b9f5c05c6b464615a946a2a3e255553c793e44d0ed93179e
@@ -7,13 +7,25 @@ SHA1 (patch-md) = 8547c9414332c02221b967
SHA1 (patch-me) = ffb5f119764c158c0bd789bd18fc77c61f2e9d2b
SHA1 (patch-mf) = 40e58385fb6f944f463bf00b9aad72bc4ea229d0
SHA1 (patch-mn) = 5b79783e48249044be1a904a6cfd20ba175b5fd4
+SHA1 (patch-nss_cmd_certutil_certutil.c) = 76acb4c30779fb44d24fb59fcfe555b238816197
+SHA1 (patch-nss_cmd_fipstest_fipstest.c) = 2f2028b9ab1e63bc7160acc0f0c61d843755ff76
+SHA1 (patch-nss_cmd_pk11gcmtest_pk11gcmtest.c) = b31cb30343f3983e0afa5d0f322207620257cb98
SHA1 (patch-nss_cmd_platlibs.mk) = 01f4350de601b29c94e8a791a28daca226866bb6
SHA1 (patch-nss_cmd_shlibsign_sign.sh) = 7948b7b502a4c148ee185836dde8a84d3aa388af
+SHA1 (patch-nss_cmd_signtool_certgen.c) = 56bc3068543121d6bc34e7fdc41a021ae0c49364
+SHA1 (patch-nss_cmd_signtool_util.c) = ab9dc7cdcc6c33191edcb058b6004109bd5825d6
SHA1 (patch-nss_coreconf_OpenBSD.mk) = 944f71fcaaa7d5b2b3ed008341b1392a65480f2b
SHA1 (patch-nss_coreconf_command.mk) = a7b682d367825b48f8802fa30cee83f10680bb74
+SHA1 (patch-nss_lib_certdb_alg1485.c) = 71f1b1b2ce839d105a5be61640ee21ed91e742dd
+SHA1 (patch-nss_lib_certdb_certdb.c) = c3ce6300d981edf4054cabbd3ecb8bd6810718d5
+SHA1 (patch-nss_lib_dbm_src_mktemp.c) = e051e46ac36ea7670047b95d728e38b37af85b77
SHA1 (patch-nss_lib_freebl_aes-armv8.c) = aa698f61dd3d66ba707a9b5425bc15d057244ad7
SHA1 (patch-nss_lib_freebl_gcm-aarch64.c) = 311cfe7ca58e91285052d0ca27bd2df3f325071b
SHA1 (patch-nss_lib_freebl_sha256-armv8.c) = 48ec50204493dd510099a3495f3b775c6bfa8828
-SHA1 (patch-nss_lib_util_utilpars.c) = 5d3000515b01037929730a752b7d7a0f46f06deb
+SHA1 (patch-nss_lib_nss_nssinit.c) = bcef361041afa6bd2462b49142b5e56b8641f038
+SHA1 (patch-nss_lib_softoken_legacydb_lowcert.c) = 79b20197ec901480bce5c91ce1abb1bbfa73612e
+SHA1 (patch-nss_lib_util_oidstring.c) = 76d792c9fd95c39c0bf75950a9c048fd43fd496c
+SHA1 (patch-nss_lib_util_portreg.c) = 52ea179827ef562394bdbb5408765ab5e04daf58
+SHA1 (patch-nss_lib_util_utilpars.c) = 1739a132d23edf17cea131c7186dd72cb545e424
SHA1 (patch-nss_tests_all.sh) = b328778b538db66f5447f962f23afd6f650f7071
SHA1 (patch-nss_tests_merge_merge.sh) = 42a4866d226b1076740ba9a5e42c7604f2cb15a7
Index: pkgsrc/devel/nss/patches/patch-nss_lib_util_utilpars.c
diff -u pkgsrc/devel/nss/patches/patch-nss_lib_util_utilpars.c:1.1 pkgsrc/devel/nss/patches/patch-nss_lib_util_utilpars.c:1.2
--- pkgsrc/devel/nss/patches/patch-nss_lib_util_utilpars.c:1.1 Sat Feb 24 11:35:48 2018
+++ pkgsrc/devel/nss/patches/patch-nss_lib_util_utilpars.c Thu Apr 7 19:08:40 2022
@@ -1,10 +1,21 @@
-$NetBSD: patch-nss_lib_util_utilpars.c,v 1.1 2018/02/24 11:35:48 ryoon Exp $
+$NetBSD: patch-nss_lib_util_utilpars.c,v 1.2 2022/04/07 19:08:40 riastradh Exp $
Revert Bug 1377940 to fix misc/libreoffice
---- nss/lib/util/utilpars.c.orig 2018-01-18 14:19:59.000000000 +0000
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/util/utilpars.c.orig 2022-03-03 10:18:53.000000000 +0000
+++ nss/lib/util/utilpars.c
-@@ -1111,8 +1111,12 @@ _NSSUTIL_EvaluateConfigDir(const char *c
+@@ -274,7 +274,7 @@ NSSUTIL_ArgDecodeNumber(const char *num)
+ }
+
+ for (; *num; num++) {
+- if (isdigit(*num)) {
++ if (isdigit((unsigned char)*num)) {
+ digit = *num - '0';
+ } else if ((*num >= 'a') && (*num <= 'f')) {
+ digit = *num - 'a' + 10;
+@@ -1197,8 +1197,12 @@ _NSSUTIL_EvaluateConfigDir(const char *c
NSSDBType dbType;
PRBool checkEnvDefaultDB = PR_FALSE;
*appName = NULL;
Added files:
Index: pkgsrc/devel/nss/patches/patch-nss_cmd_certutil_certutil.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_cmd_certutil_certutil.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_cmd_certutil_certutil.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,15 @@
+$NetBSD: patch-nss_cmd_certutil_certutil.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/certutil/certutil.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/certutil/certutil.c
+@@ -3977,7 +3977,7 @@ shutdown:
+ newargv[1] = nextcommand;
+ nextarg = nextcommand;
+ while ((space = PORT_Strpbrk(nextarg, " \f\n\r\t\v"))) {
+- while (isspace(*space)) {
++ while (isspace((unsigned char)*space)) {
+ *space = '\0';
+ space++;
+ }
Index: pkgsrc/devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,1420 @@
+$NetBSD: patch-nss_cmd_fipstest_fipstest.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/fipstest/fipstest.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/fipstest/fipstest.c
+@@ -128,7 +128,7 @@ from_hex_str(unsigned char *buf, unsigne
+
+ /* count the hex digits */
+ nxdigit = 0;
+- for (nxdigit = 0; isxdigit(str[nxdigit]); nxdigit++) {
++ for (nxdigit = 0; isxdigit((unsigned char)str[nxdigit]); nxdigit++) {
+ /* empty body */
+ }
+ if (nxdigit == 0) {
+@@ -336,7 +336,7 @@ tdea_kat_mmt(char *reqfn)
+ /* NumKeys */
+ if (strncmp(&buf[0], "NumKeys", 7) == 0) {
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ numKeys = buf[i];
+@@ -360,10 +360,10 @@ tdea_kat_mmt(char *reqfn)
+ if (numKeys == 0) {
+ if (strncmp(buf, "KEYs", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ key[j + 8] = key[j];
+ key[j + 16] = key[j];
+@@ -375,10 +375,10 @@ tdea_kat_mmt(char *reqfn)
+ /* KEY1 = ... */
+ if (strncmp(buf, "KEY1", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ fputs(buf, resp);
+@@ -387,10 +387,10 @@ tdea_kat_mmt(char *reqfn)
+ /* KEY2 = ... */
+ if (strncmp(buf, "KEY2", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 8; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 8; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ fputs(buf, resp);
+@@ -399,10 +399,10 @@ tdea_kat_mmt(char *reqfn)
+ /* KEY3 = ... */
+ if (strncmp(buf, "KEY3", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 16; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 16; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ fputs(buf, resp);
+@@ -414,7 +414,7 @@ tdea_kat_mmt(char *reqfn)
+ if (strncmp(buf, "IV", 2) == 0) {
+ mode = NSS_DES_EDE3_CBC;
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -431,10 +431,10 @@ tdea_kat_mmt(char *reqfn)
+ goto loser;
+ }
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &plaintext[j]);
+ }
+ plaintextlen = j;
+@@ -461,10 +461,10 @@ tdea_kat_mmt(char *reqfn)
+ }
+
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+ ciphertextlen = j;
+@@ -779,7 +779,7 @@ tdea_mct(int mode, char *reqfn)
+ /* NumKeys */
+ if (strncmp(&buf[0], "NumKeys", 7) == 0) {
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ numKeys = atoi(&buf[i]);
+@@ -788,10 +788,10 @@ tdea_mct(int mode, char *reqfn)
+ /* KEY1 = ... */
+ if (strncmp(buf, "KEY1", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ continue;
+@@ -799,10 +799,10 @@ tdea_mct(int mode, char *reqfn)
+ /* KEY2 = ... */
+ if (strncmp(buf, "KEY2", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 8; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 8; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ continue;
+@@ -810,10 +810,10 @@ tdea_mct(int mode, char *reqfn)
+ /* KEY3 = ... */
+ if (strncmp(buf, "KEY3", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 16; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 16; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ continue;
+@@ -822,7 +822,7 @@ tdea_mct(int mode, char *reqfn)
+ /* IV = ... */
+ if (strncmp(buf, "IV", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -840,7 +840,7 @@ tdea_mct(int mode, char *reqfn)
+ }
+ /* PT[0] = PT */
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof plaintext; i += 2, j++) {
+@@ -863,10 +863,10 @@ tdea_mct(int mode, char *reqfn)
+ }
+ /* CT[0] = CT */
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+
+@@ -1071,10 +1071,10 @@ aes_gcm(char *reqfn, int encrypt)
+ /* KEY = ... */
+ if (strncmp(buf, "Key", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ keysize = j;
+@@ -1084,7 +1084,7 @@ aes_gcm(char *reqfn, int encrypt)
+ /* IV = ... */
+ if (strncmp(buf, "IV", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -1101,10 +1101,10 @@ aes_gcm(char *reqfn, int encrypt)
+ }
+
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &plaintext[j]);
+ }
+ plaintextlen = j;
+@@ -1119,10 +1119,10 @@ aes_gcm(char *reqfn, int encrypt)
+ }
+
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+ ciphertextlen = j;
+@@ -1131,10 +1131,10 @@ aes_gcm(char *reqfn, int encrypt)
+ }
+ if (strncmp(buf, "AAD", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &aad[j]);
+ }
+ aadlen = j;
+@@ -1183,10 +1183,10 @@ aes_gcm(char *reqfn, int encrypt)
+ }
+
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j + ciphertextlen]);
+ }
+ ciphertextlen += j;
+@@ -1282,10 +1282,10 @@ aes_kat_mmt(char *reqfn)
+ /* KEY = ... */
+ if (strncmp(buf, "KEY", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ keysize = j;
+@@ -1296,7 +1296,7 @@ aes_kat_mmt(char *reqfn)
+ if (strncmp(buf, "IV", 2) == 0) {
+ mode = NSS_AES_CBC;
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -1313,10 +1313,10 @@ aes_kat_mmt(char *reqfn)
+ }
+
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &plaintext[j]);
+ }
+ plaintextlen = j;
+@@ -1347,10 +1347,10 @@ aes_kat_mmt(char *reqfn)
+ }
+
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+ ciphertextlen = j;
+@@ -1486,10 +1486,10 @@ aes_ecb_mct(char *reqfn)
+ if (strncmp(buf, "KEY", 3) == 0) {
+ /* Key[0] = Key */
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ keysize = j;
+@@ -1503,7 +1503,7 @@ aes_ecb_mct(char *reqfn)
+ }
+ /* PT[0] = PT */
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof plaintext; i += 2, j++) {
+@@ -1601,10 +1601,10 @@ aes_ecb_mct(char *reqfn)
+ }
+ /* CT[0] = CT */
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+
+@@ -1771,10 +1771,10 @@ aes_cbc_mct(char *reqfn)
+ if (strncmp(buf, "KEY", 3) == 0) {
+ /* Key[0] = Key */
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ keysize = j;
+@@ -1784,7 +1784,7 @@ aes_cbc_mct(char *reqfn)
+ if (strncmp(buf, "IV", 2) == 0) {
+ /* IV[0] = IV */
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -1800,7 +1800,7 @@ aes_cbc_mct(char *reqfn)
+ }
+ /* PT[0] = PT */
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof plaintext; i += 2, j++) {
+@@ -1912,10 +1912,10 @@ aes_cbc_mct(char *reqfn)
+ }
+ /* CT[0] = CT */
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+
+@@ -2417,7 +2417,7 @@ ecdsa_keypair_test(char *reqfn)
+
+ src = &buf[1];
+ dst = &curve[4];
+- *dst++ = tolower(*src);
++ *dst++ = tolower((unsigned char)*src);
+ src += 2; /* skip the hyphen */
+ *dst++ = *src++;
+ *dst++ = *src++;
+@@ -2528,7 +2528,7 @@ ecdsa_pkv_test(char *reqfn)
+
+ src = &buf[1];
+ dst = &curve[4];
+- *dst++ = tolower(*src);
++ *dst++ = tolower((unsigned char)*src);
+ src += 2; /* skip the hyphen */
+ *dst++ = *src++;
+ *dst++ = *src++;
+@@ -2565,7 +2565,7 @@ ecdsa_pkv_test(char *reqfn)
+ if (strncmp(buf, "Qx", 2) == 0) {
+ fputs(buf, ecdsaresp);
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ keyvalid = from_hex_str(&pubkey.data[1], len, &buf[i]);
+@@ -2579,7 +2579,7 @@ ecdsa_pkv_test(char *reqfn)
+ continue;
+ }
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ keyvalid = from_hex_str(&pubkey.data[1 + len], len, &buf[i]);
+@@ -2653,7 +2653,7 @@ ecdsa_siggen_test(char *reqfn)
+
+ src = &buf[1];
+ dst = &curve[4];
+- *dst++ = tolower(*src);
++ *dst++ = tolower((unsigned char)*src);
+ src += 2; /* skip the hyphen */
+ *dst++ = *src++;
+ *dst++ = *src++;
+@@ -2688,10 +2688,10 @@ ecdsa_siggen_test(char *reqfn)
+ ECPrivateKey *ecpriv;
+
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &msg[j]);
+ }
+ msglen = j;
+@@ -2814,7 +2814,7 @@ ecdsa_sigver_test(char *reqfn)
+
+ src = &buf[1];
+ dst = &curve[4];
+- *dst++ = tolower(*src);
++ *dst++ = tolower((unsigned char)*src);
+ src += 2; /* skip the hyphen */
+ *dst++ = *src++;
+ *dst++ = *src++;
+@@ -2869,10 +2869,10 @@ ecdsa_sigver_test(char *reqfn)
+ /* Msg = ... */
+ if (strncmp(buf, "Msg", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &msg[j]);
+ }
+ msglen = j;
+@@ -2897,7 +2897,7 @@ ecdsa_sigver_test(char *reqfn)
+ if (strncmp(buf, "Qx", 2) == 0) {
+ fputs(buf, ecdsaresp);
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ keyvalid = from_hex_str(&ecpub.publicValue.data[1], flen,
+@@ -2911,7 +2911,7 @@ ecdsa_sigver_test(char *reqfn)
+ continue;
+ }
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ keyvalid = from_hex_str(&ecpub.publicValue.data[1 + flen], flen,
+@@ -2933,7 +2933,7 @@ ecdsa_sigver_test(char *reqfn)
+ if (buf[0] == 'R') {
+ fputs(buf, ecdsaresp);
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ sigvalid = from_hex_str(sig, olen, &buf[i]);
+@@ -2943,7 +2943,7 @@ ecdsa_sigver_test(char *reqfn)
+ if (buf[0] == 'S') {
+ fputs(buf, ecdsaresp);
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ if (sigvalid) {
+@@ -3043,7 +3043,7 @@ ecdh_functional(char *reqfn, PRBool resp
+ while (*src && *src == ' ')
+ src++;
+ dst = &curve[4];
+- *dst++ = tolower(*src);
++ *dst++ = tolower((unsigned char)*src);
+ src += 2; /* skip the hyphen */
+ *dst++ = *src++;
+ *dst++ = *src++;
+@@ -3128,7 +3128,7 @@ ecdh_functional(char *reqfn, PRBool resp
+ if (strncmp(buf, "QeCAVSx", 7) == 0) {
+ fputs(buf, ecdhresp);
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(&pubkey.data[1], len, &buf[i]);
+@@ -3138,7 +3138,7 @@ ecdh_functional(char *reqfn, PRBool resp
+ if (strncmp(buf, "QeCAVSy", 7) == 0) {
+ fputs(buf, ecdhresp);
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(&pubkey.data[1 + len], len, &buf[i]);
+@@ -3296,7 +3296,7 @@ ecdh_verify(char *reqfn, PRBool response
+ while (*src && *src == ' ')
+ src++;
+ dst = &curve[4];
+- *dst++ = tolower(*src);
++ *dst++ = tolower((unsigned char)*src);
+ src += 2; /* skip the hyphen */
+ *dst++ = *src++;
+ *dst++ = *src++;
+@@ -3381,7 +3381,7 @@ ecdh_verify(char *reqfn, PRBool response
+ if (strncmp(buf, "QeCAVSx", 7) == 0) {
+ fputs(buf, ecdhresp);
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(&pubkey.data[1], len, &buf[i]);
+@@ -3391,7 +3391,7 @@ ecdh_verify(char *reqfn, PRBool response
+ if (strncmp(buf, "QeCAVSy", 7) == 0) {
+ fputs(buf, ecdhresp);
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(&pubkey.data[1 + len], len, &buf[i]);
+@@ -3400,7 +3400,7 @@ ecdh_verify(char *reqfn, PRBool response
+ if (strncmp(buf, "deIUT", 5) == 0) {
+ fputs(buf, ecdhresp);
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(private_data, len, &buf[i]);
+@@ -3420,7 +3420,7 @@ ecdh_verify(char *reqfn, PRBool response
+ (strncmp(buf, "HashZZ", 6) == 0)) {
+ fputs(buf, ecdhresp);
+ i = (buf[0] == 'C') ? 10 : 6;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(cavsHashBuf, fips_hashLen(hash), &buf[i]);
+@@ -3577,11 +3577,11 @@ dh_functional(char *reqfn, PRBool respon
+ }
+ if (buf[0] == 'P') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.prime.len; i += 2, j++) {
+- if (!isxdigit(buf[i])) {
++ if (!isxdigit((unsigned char)buf[i])) {
+ pqg.prime.len = j;
+ break;
+ }
+@@ -3595,11 +3595,11 @@ dh_functional(char *reqfn, PRBool respon
+ /* Q = ... */
+ if (buf[0] == 'Q') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.subPrime.len; i += 2, j++) {
+- if (!isxdigit(buf[i])) {
++ if (!isxdigit((unsigned char)buf[i])) {
+ pqg.subPrime.len = j;
+ break;
+ }
+@@ -3613,11 +3613,11 @@ dh_functional(char *reqfn, PRBool respon
+ /* G = ... */
+ if (buf[0] == 'G') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.base.len; i += 2, j++) {
+- if (!isxdigit(buf[i])) {
++ if (!isxdigit((unsigned char)buf[i])) {
+ pqg.base.len = j;
+ break;
+ }
+@@ -3638,7 +3638,7 @@ dh_functional(char *reqfn, PRBool respon
+ if (strncmp(buf, "YephemCAVS", 10) == 0) {
+ fputs(buf, dhresp);
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(pubkeydata, pqg.prime.len, &buf[i]);
+@@ -3771,11 +3771,11 @@ dh_verify(char *reqfn, PRBool response)
+ }
+ if (buf[0] == 'P') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.prime.len; i += 2, j++) {
+- if (!isxdigit(buf[i])) {
++ if (!isxdigit((unsigned char)buf[i])) {
+ pqg.prime.len = j;
+ break;
+ }
+@@ -3789,11 +3789,11 @@ dh_verify(char *reqfn, PRBool response)
+ /* Q = ... */
+ if (buf[0] == 'Q') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.subPrime.len; i += 2, j++) {
+- if (!isxdigit(buf[i])) {
++ if (!isxdigit((unsigned char)buf[i])) {
+ pqg.subPrime.len = j;
+ break;
+ }
+@@ -3807,11 +3807,11 @@ dh_verify(char *reqfn, PRBool response)
+ /* G = ... */
+ if (buf[0] == 'G') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.base.len; i += 2, j++) {
+- if (!isxdigit(buf[i])) {
++ if (!isxdigit((unsigned char)buf[i])) {
+ pqg.base.len = j;
+ break;
+ }
+@@ -3832,7 +3832,7 @@ dh_verify(char *reqfn, PRBool response)
+ if (strncmp(buf, "YephemCAVS", 10) == 0) {
+ fputs(buf, dhresp);
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(pubkeydata, pqg.prime.len, &buf[i]);
+@@ -3844,7 +3844,7 @@ dh_verify(char *reqfn, PRBool response)
+ if (strncmp(buf, "XephemIUT", 9) == 0) {
+ fputs(buf, dhresp);
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(privkeydata, pqg.subPrime.len, &buf[i]);
+@@ -3862,7 +3862,7 @@ dh_verify(char *reqfn, PRBool response)
+ (strncmp(buf, "HashZZ", 6) == 0)) {
+ fputs(buf, dhresp);
+ i = buf[0] == 'C' ? 10 : 6;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ from_hex_str(cavsHashBuf, fips_hashLen(hash), &buf[i]);
+@@ -3908,7 +3908,7 @@ loser:
+ PRBool
+ isblankline(char *b)
+ {
+- while (isspace(*b))
++ while (isspace((unsigned char)*b))
+ b++;
+ if ((*b == '\n') || (*b == 0)) {
+ return PR_TRUE;
+@@ -4067,7 +4067,7 @@ drbg(char *reqfn)
+ if (strncmp(buf, "[PredictionResistance", 21) == 0) {
+ #ifdef HANDLE_PREDICTION_RESISTANCE
+ i = 21;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ if (strncmp(buf, "False", 5) == 0) {
+@@ -4200,11 +4200,11 @@ drbg(char *reqfn)
+ if (entropyInput) {
+ memset(entropyInput, 0, entropyInputLen);
+ i = 18;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<entropyInputLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<entropyInputLen*/
+ hex_to_byteval(&buf[i], &entropyInput[j]);
+ }
+ }
+@@ -4217,10 +4217,10 @@ drbg(char *reqfn)
+ if (additionalInput) {
+ memset(additionalInput, 0, additionalInputLen);
+ i = 21;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<additionalInputLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<additionalInputLen*/
+ hex_to_byteval(&buf[i], &additionalInput[j]);
+ }
+ }
+@@ -4232,10 +4232,10 @@ drbg(char *reqfn)
+ /* Entropy input = ... */
+ if (strncmp(buf, "EntropyInput", 12) == 0) {
+ i = 12;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<entropyInputLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<entropyInputLen*/
+ hex_to_byteval(&buf[i], &entropyInput[j]);
+ }
+ fputs(buf, rngresp);
+@@ -4245,10 +4245,10 @@ drbg(char *reqfn)
+ /* nouce = ... */
+ if (strncmp(buf, "Nonce", 5) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<nonceLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<nonceLen*/
+ hex_to_byteval(&buf[i], &nonce[j]);
+ }
+ fputs(buf, rngresp);
+@@ -4259,10 +4259,10 @@ drbg(char *reqfn)
+ if (strncmp(buf, "PersonalizationString", 21) == 0) {
+ if (personalizationString) {
+ i = 21;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<personalizationStringLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<personalizationStringLen*/
+ hex_to_byteval(&buf[i], &personalizationString[j]);
+ }
+ }
+@@ -4275,10 +4275,10 @@ drbg(char *reqfn)
+ if (strncmp(buf, "AdditionalInput", 15) == 0) {
+ if (additionalInput) {
+ i = 15;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<additionalInputLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<additionalInputLen*/
+ hex_to_byteval(&buf[i], &additionalInput[j]);
+ }
+ }
+@@ -4295,10 +4295,10 @@ drbg(char *reqfn)
+ /* Returned bits = ... */
+ if (strncmp(buf, "ReturnedBits", 12) == 0) {
+ i = 12;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) { /*j<additionalInputLen*/
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) { /*j<additionalInputLen*/
+ hex_to_byteval(&buf[i], &predictedreturn_bytes[j]);
+ }
+
+@@ -4397,7 +4397,7 @@ rng_vst(char *reqfn)
+ /* Q = ... */
+ if (buf[0] == 'Q') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof Q; i += 2, j++) {
+@@ -4419,7 +4419,7 @@ rng_vst(char *reqfn)
+ /* b = ... */
+ if (buf[0] == 'b') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ b = atoi(&buf[i]);
+@@ -4432,7 +4432,7 @@ rng_vst(char *reqfn)
+ /* XKey = ... */
+ if (strncmp(buf, "XKey", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < b / 8; i += 2, j++) {
+@@ -4444,7 +4444,7 @@ rng_vst(char *reqfn)
+ /* XSeed = ... */
+ if (strncmp(buf, "XSeed", 5) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < b / 8; i += 2, j++) {
+@@ -4520,7 +4520,7 @@ rng_mct(char *reqfn)
+ /* Q = ... */
+ if (buf[0] == 'Q') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof Q; i += 2, j++) {
+@@ -4542,7 +4542,7 @@ rng_mct(char *reqfn)
+ /* b = ... */
+ if (buf[0] == 'b') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ b = atoi(&buf[i]);
+@@ -4555,7 +4555,7 @@ rng_mct(char *reqfn)
+ /* XKey = ... */
+ if (strncmp(buf, "XKey", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < b / 8; i += 2, j++) {
+@@ -4568,7 +4568,7 @@ rng_mct(char *reqfn)
+ if (strncmp(buf, "XSeed", 5) == 0) {
+ unsigned int k;
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < b / 8; i += 2, j++) {
+@@ -4719,7 +4719,7 @@ sha_test(char *reqfn)
+ if (buf[0] == '[') {
+ if (strncmp(&buf[1], "L ", 1) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ MDlen = atoi(&buf[i]);
+@@ -4730,7 +4730,7 @@ sha_test(char *reqfn)
+ /* Len = Length of the Input Message Length ... */
+ if (strncmp(buf, "Len", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ if (msg) {
+@@ -4754,7 +4754,7 @@ sha_test(char *reqfn)
+ /* MSG = ... */
+ if (strncmp(buf, "Msg", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < msgLen; i += 2, j++) {
+@@ -4778,7 +4778,7 @@ sha_test(char *reqfn)
+ /* Seed = ... */
+ if (strncmp(buf, "Seed", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof seed; i += 2, j++) {
+@@ -4896,11 +4896,11 @@ hmac_test(char *reqfn)
+ while (fgets(buf, bufSize, req) != NULL) {
+ if (strncmp(buf, "Mac", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ memset(expectedHMAC, 0, HASH_LENGTH_MAX);
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &expectedHMAC[j]);
+ }
+ if (memcmp(HMAC, expectedHMAC, TLen) != 0) {
+@@ -4926,7 +4926,7 @@ hmac_test(char *reqfn)
+ if (buf[0] == '[') {
+ if (strncmp(&buf[1], "L ", 1) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ /* HMACLen will get reused for Tlen */
+@@ -4954,7 +4954,7 @@ hmac_test(char *reqfn)
+ /* KLen = Length of the Input Secret Key ... */
+ if (strncmp(buf, "Klen", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ keyLen = atoi(&buf[i]); /* in bytes */
+@@ -4964,7 +4964,7 @@ hmac_test(char *reqfn)
+ /* key = the secret key for the key to MAC */
+ if (strncmp(buf, "Key", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < keyLen; i += 2, j++) {
+@@ -4975,7 +4975,7 @@ hmac_test(char *reqfn)
+ /* TLen = Length of the calculated HMAC */
+ if (strncmp(buf, "Tlen", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ TLen = atoi(&buf[i]); /* in bytes */
+@@ -4985,7 +4985,7 @@ hmac_test(char *reqfn)
+ /* MSG = to HMAC always 128 bytes for these tests */
+ if (strncmp(buf, "Msg", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < msgLen; i += 2, j++) {
+@@ -5265,7 +5265,7 @@ dsa_pqgver_test(char *reqfn)
+ /* P = ... */
+ if (buf[0] == 'P') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.prime.len; i += 2, j++) {
+@@ -5279,7 +5279,7 @@ dsa_pqgver_test(char *reqfn)
+ /* Q = ... */
+ if (buf[0] == 'Q') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.subPrime.len; i += 2, j++) {
+@@ -5297,7 +5297,7 @@ dsa_pqgver_test(char *reqfn)
+ SECITEM_ZfreeItem(&pqg.base, PR_FALSE);
+ }
+ SECITEM_AllocItem(NULL, &pqg.base, pghSize);
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pqg.base.len; i += 2, j++) {
+@@ -5319,10 +5319,10 @@ dsa_pqgver_test(char *reqfn)
+ i = 0;
+ }
+ if (i) {
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &vfy.seed.data[j]);
+ }
+ vfy.seed.len = j;
+@@ -5347,10 +5347,10 @@ dsa_pqgver_test(char *reqfn)
+ if ((strncmp(buf, "pseed", 5) == 0) ||
+ (strncmp(buf, "qseed", 5) == 0)) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = vfy.seed.len; isxdigit(buf[i]); i += 2, j++) {
++ for (j = vfy.seed.len; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &vfy.seed.data[j]);
+ }
+ vfy.seed.len = j;
+@@ -5360,7 +5360,7 @@ dsa_pqgver_test(char *reqfn)
+ }
+ if (strncmp(buf, "index", 4) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ hex_to_byteval(&buf[i], &vfy.h.data[0]);
+@@ -5427,10 +5427,10 @@ dsa_pqgver_test(char *reqfn)
+ SECStatus rv, result = SECFailure;
+
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &vfy.h.data[j]);
+ }
+ vfy.h.len = j;
+@@ -5779,10 +5779,10 @@ dsa_siggen_test(char *reqfn)
+ memset(sig, 0, sizeof sig);
+
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &msg[j]);
+ }
+ if (fips_hashBuf(hashType, hashBuf, msg, j) != SECSuccess) {
+@@ -5924,7 +5924,7 @@ dsa_sigver_test(char *reqfn)
+ /* P = ... */
+ if (buf[0] == 'P') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ memset(pubkey.params.prime.data, 0, pubkey.params.prime.len);
+@@ -5939,7 +5939,7 @@ dsa_sigver_test(char *reqfn)
+ /* Q = ... */
+ if (buf[0] == 'Q') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ memset(pubkey.params.subPrime.data, 0, pubkey.params.subPrime.len);
+@@ -5954,7 +5954,7 @@ dsa_sigver_test(char *reqfn)
+ /* G = ... */
+ if (buf[0] == 'G') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ memset(pubkey.params.base.data, 0, pubkey.params.base.len);
+@@ -5977,10 +5977,10 @@ dsa_sigver_test(char *reqfn)
+ }
+
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &msg[j]);
+ }
+ if (fips_hashBuf(hashType, hashBuf, msg, j) != SECSuccess) {
+@@ -5996,7 +5996,7 @@ dsa_sigver_test(char *reqfn)
+ /* Y = ... */
+ if (buf[0] == 'Y') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ memset(pubkey.publicValue.data, 0, pubkey.params.subPrime.len);
+@@ -6012,7 +6012,7 @@ dsa_sigver_test(char *reqfn)
+ if (buf[0] == 'R') {
+ memset(sig, 0, sizeof sig);
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pubkey.params.subPrime.len; i += 2, j++) {
+@@ -6031,7 +6031,7 @@ dsa_sigver_test(char *reqfn)
+ }
+
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = pubkey.params.subPrime.len;
+@@ -6287,7 +6287,7 @@ rsa_siggen_test(char *reqfn)
+ /* SHAAlg = ... */
+ if (strncmp(buf, "SHAAlg", 6) == 0) {
+ i = 6;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ /* set the SHA Algorithm */
+@@ -6325,10 +6325,10 @@ rsa_siggen_test(char *reqfn)
+ memset(rsa_computed_signature, 0, sizeof rsa_computed_signature);
+
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]) && j < sizeof(msg); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]) && j < sizeof(msg); i += 2, j++) {
+ hex_to_byteval(&buf[i], &msg[j]);
+ }
+ shaLength = fips_hashLen(shaAlg);
+@@ -6455,7 +6455,7 @@ rsa_sigver_test(char *reqfn)
+ /* n = ... modulus */
+ if (buf[0] == 'n') {
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ keyvalid = from_hex_str(&rsaBlapiPublicKey.modulus.data[0],
+@@ -6473,7 +6473,7 @@ rsa_sigver_test(char *reqfn)
+ /* SHAAlg = ... */
+ if (strncmp(buf, "SHAAlg", 6) == 0) {
+ i = 6;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ /* set the SHA Algorithm */
+@@ -6498,11 +6498,11 @@ rsa_sigver_test(char *reqfn)
+ }
+
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ /* skip leading zero's */
+- while (isxdigit(buf[i])) {
++ while (isxdigit((unsigned char)buf[i])) {
+ hex_to_byteval(&buf[i], &t);
+ if (t == 0) {
+ i += 2;
+@@ -6511,7 +6511,7 @@ rsa_sigver_test(char *reqfn)
+ }
+
+ /* get the exponent */
+- for (j = 0; isxdigit(buf[i]) && j < sizeof data; i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]) && j < sizeof data; i += 2, j++) {
+ hex_to_byteval(&buf[i], &data[j]);
+ }
+
+@@ -6540,11 +6540,11 @@ rsa_sigver_test(char *reqfn)
+ memset(msg, 0, sizeof msg);
+
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+
+- for (j = 0; isxdigit(buf[i]) && j < sizeof msg; i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]) && j < sizeof msg; i += 2, j++) {
+ hex_to_byteval(&buf[i], &msg[j]);
+ }
+
+@@ -6575,11 +6575,11 @@ rsa_sigver_test(char *reqfn)
+
+ memset(signature, 0, sizeof(signature));
+ i = 1;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+
+- for (j = 0; isxdigit(buf[i]) && j < sizeof signature; i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]) && j < sizeof signature; i += 2, j++) {
+ hex_to_byteval(&buf[i], &signature[j]);
+ }
+
+@@ -6808,7 +6808,7 @@ tls(char *reqfn)
+ /* pre_master_secret = ... */
+ if (strncmp(buf, "pre_master_secret", 17) == 0) {
+ i = 17;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < pms_len; i += 2, j++) {
+@@ -6820,7 +6820,7 @@ tls(char *reqfn)
+ /* serverHello_random = ... */
+ if (strncmp(buf, "serverHello_random", 18) == 0) {
+ i = 18;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < SSL3_RANDOM_LENGTH; i += 2, j++) {
+@@ -6832,7 +6832,7 @@ tls(char *reqfn)
+ /* clientHello_random = ... */
+ if (strncmp(buf, "clientHello_random", 18) == 0) {
+ i = 18;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < SSL3_RANDOM_LENGTH; i += 2, j++) {
+@@ -6844,7 +6844,7 @@ tls(char *reqfn)
+ /* server_random = ... */
+ if (strncmp(buf, "server_random", 13) == 0) {
+ i = 13;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < SSL3_RANDOM_LENGTH; i += 2, j++) {
+@@ -6860,7 +6860,7 @@ tls(char *reqfn)
+ CK_OBJECT_HANDLE master_handle;
+ CK_OBJECT_HANDLE fake_handle;
+ i = 13;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < SSL3_RANDOM_LENGTH; i += 2, j++) {
+@@ -7135,7 +7135,7 @@ ikev1(char *reqfn)
+ /* Ni = ... */
+ if (strncmp(buf, "Ni", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < Ni_len; i += 2, j++) {
+@@ -7147,7 +7147,7 @@ ikev1(char *reqfn)
+ /* Nr = ... */
+ if (strncmp(buf, "Nr", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < Nr_len; i += 2, j++) {
+@@ -7159,7 +7159,7 @@ ikev1(char *reqfn)
+ /* CKYi = ... */
+ if (strncmp(buf, "CKY_I", 5) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < CKYi_len; i += 2, j++) {
+@@ -7171,7 +7171,7 @@ ikev1(char *reqfn)
+ /* CKYr = ... */
+ if (strncmp(buf, "CKY_R", 5) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < CKYr_len; i += 2, j++) {
+@@ -7189,7 +7189,7 @@ ikev1(char *reqfn)
+ CK_OBJECT_HANDLE skeyid_a_handle;
+ CK_OBJECT_HANDLE skeyid_e_handle;
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < gxy_len; i += 2, j++) {
+@@ -7541,7 +7541,7 @@ ikev1_psk(char *reqfn)
+ /* Ni = ... */
+ if (strncmp(buf, "Ni", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < Ni_len; i += 2, j++) {
+@@ -7553,7 +7553,7 @@ ikev1_psk(char *reqfn)
+ /* Nr = ... */
+ if (strncmp(buf, "Nr", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < Nr_len; i += 2, j++) {
+@@ -7565,7 +7565,7 @@ ikev1_psk(char *reqfn)
+ /* CKYi = ... */
+ if (strncmp(buf, "CKY_I", 5) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < CKYi_len; i += 2, j++) {
+@@ -7577,7 +7577,7 @@ ikev1_psk(char *reqfn)
+ /* CKYr = ... */
+ if (strncmp(buf, "CKY_R", 5) == 0) {
+ i = 5;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < CKYr_len; i += 2, j++) {
+@@ -7589,7 +7589,7 @@ ikev1_psk(char *reqfn)
+ /* g^xy = ... */
+ if (strncmp(buf, "g^xy", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < gxy_len; i += 2, j++) {
+@@ -7608,7 +7608,7 @@ ikev1_psk(char *reqfn)
+ CK_OBJECT_HANDLE skeyid_a_handle;
+ CK_OBJECT_HANDLE skeyid_e_handle;
+ i = 14;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < psk_len; i += 2, j++) {
+@@ -7980,7 +7980,7 @@ ikev2(char *reqfn)
+ /* Ni = ... */
+ if (strncmp(buf, "Ni", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < Ni_len; i += 2, j++) {
+@@ -7992,7 +7992,7 @@ ikev2(char *reqfn)
+ /* Nr = ... */
+ if (strncmp(buf, "Nr", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < Nr_len; i += 2, j++) {
+@@ -8004,7 +8004,7 @@ ikev2(char *reqfn)
+ /* g^ir (new) = ... */
+ if (strncmp(buf, "g^ir (new)", 10) == 0) {
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < gir_len; i += 2, j++) {
+@@ -8016,7 +8016,7 @@ ikev2(char *reqfn)
+ /* g^ir = ... */
+ if (strncmp(buf, "g^ir", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < gir_len; i += 2, j++) {
+@@ -8028,7 +8028,7 @@ ikev2(char *reqfn)
+ /* SPIi = ... */
+ if (strncmp(buf, "SPIi", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < SPIi_len; i += 2, j++) {
+@@ -8048,7 +8048,7 @@ ikev2(char *reqfn)
+ CK_OBJECT_HANDLE dkm_handle;
+ CK_OBJECT_HANDLE dkm_child_handle;
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < SPIr_len; i += 2, j++) {
Index: pkgsrc/devel/nss/patches/patch-nss_cmd_pk11gcmtest_pk11gcmtest.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_cmd_pk11gcmtest_pk11gcmtest.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_cmd_pk11gcmtest_pk11gcmtest.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,84 @@
+$NetBSD: patch-nss_cmd_pk11gcmtest_pk11gcmtest.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/pk11gcmtest/pk11gcmtest.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/pk11gcmtest/pk11gcmtest.c
+@@ -269,10 +269,10 @@ aes_gcm_kat(const char *respfn)
+ /* Key = ... */
+ if (strncmp(buf, "Key", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ keysize = j;
+@@ -286,10 +286,10 @@ aes_gcm_kat(const char *respfn)
+ /* IV = ... */
+ if (strncmp(buf, "IV", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &iv[j]);
+ }
+ ivsize = j;
+@@ -303,10 +303,10 @@ aes_gcm_kat(const char *respfn)
+ /* PT = ... */
+ if (strncmp(buf, "PT", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &plaintext[j]);
+ }
+ plaintextlen = j;
+@@ -357,10 +357,10 @@ aes_gcm_kat(const char *respfn)
+ /* AAD = ... */
+ if (strncmp(buf, "AAD", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &aad[j]);
+ }
+ aadlen = j;
+@@ -374,10 +374,10 @@ aes_gcm_kat(const char *respfn)
+ /* CT = ... */
+ if (strncmp(buf, "CT", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+ ciphertextlen = j;
+@@ -391,10 +391,10 @@ aes_gcm_kat(const char *respfn)
+ /* Tag = ... */
+ if (strncmp(buf, "Tag", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &tag[j]);
+ }
+ tagsize = j;
Index: pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_certgen.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_certgen.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_certgen.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,15 @@
+$NetBSD: patch-nss_cmd_signtool_certgen.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/signtool/certgen.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/signtool/certgen.c
+@@ -50,7 +50,7 @@ GenerateCert(char *nickname, int keysize
+ "\n\"y\" to continue, or anything else to abort: ");
+ pr_fgets(stdinbuf, 160, PR_STDIN);
+ PR_fprintf(PR_STDOUT, "\n");
+- if (tolower(stdinbuf[0]) != 'y') {
++ if (tolower((unsigned char)stdinbuf[0]) != 'y') {
+ PR_fprintf(errorFD, "Operation aborted at user's request.\n");
+ errorCount++;
+ return -1;
Index: pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_util.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_util.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_cmd_signtool_util.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,23 @@
+$NetBSD: patch-nss_cmd_signtool_util.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/signtool/util.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/signtool/util.c
+@@ -835,14 +835,14 @@ chop(char *str)
+ start = str;
+
+ /* Nip leading whitespace */
+- while (isspace(*start)) {
++ while (isspace((unsigned char)*start)) {
+ start++;
+ }
+
+ /* Nip trailing whitespace */
+ if (*start) {
+ end = start + strlen(start) - 1;
+- while (isspace(*end) && end > start) {
++ while (isspace((unsigned char)*end) && end > start) {
+ end--;
+ }
+ *(end + 1) = '\0';
Index: pkgsrc/devel/nss/patches/patch-nss_lib_certdb_alg1485.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_certdb_alg1485.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_certdb_alg1485.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,33 @@
+$NetBSD: patch-nss_lib_certdb_alg1485.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/certdb/alg1485.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/certdb/alg1485.c
+@@ -402,7 +402,7 @@ ParseRFC1485AVA(PLArenaPool* arena, cons
+ }
+
+ /* is this a dotted decimal OID attribute type ? */
+- if (!PL_strncasecmp("oid.", tagBuf, 4) || isdigit(tagBuf[0])) {
++ if (!PL_strncasecmp("oid.", tagBuf, 4) || isdigit((unsigned char)tagBuf[0])) {
+ rv = SEC_StringToOID(arena, &derOid, tagBuf, strlen(tagBuf));
+ isDottedOid = (PRBool)(rv == SECSuccess);
+ } else {
+@@ -1332,7 +1332,7 @@ CERT_GetCertificateEmailAddress(CERTCert
+ }
+ if (rawEmailAddr) {
+ for (i = 0; i <= (int)PORT_Strlen(rawEmailAddr); i++) {
+- rawEmailAddr[i] = tolower(rawEmailAddr[i]);
++ rawEmailAddr[i] = tolower((unsigned char)rawEmailAddr[i]);
+ }
+ }
+
+@@ -1358,7 +1358,7 @@ appendStringToBuf(char* dest, char* src,
+ if (dest && src && src[0] && *pRemaining > (len = PL_strlen(src))) {
+ PRUint32 i;
+ for (i = 0; i < len; ++i)
+- dest[i] = tolower(src[i]);
++ dest[i] = tolower((unsigned char)src[i]);
+ dest[len] = 0;
+ dest += len + 1;
+ *pRemaining -= len + 1;
Index: pkgsrc/devel/nss/patches/patch-nss_lib_certdb_certdb.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_certdb_certdb.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_certdb_certdb.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,24 @@
+$NetBSD: patch-nss_lib_certdb_certdb.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/certdb/certdb.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/certdb/certdb.c
+@@ -1313,7 +1313,7 @@ sec_lower_string(char *s)
+ }
+
+ while (*s) {
+- *s = PORT_Tolower(*s);
++ *s = PORT_Tolower((unsigned char)*s);
+ s++;
+ }
+
+@@ -2304,7 +2304,7 @@ CERT_FixupEmailAddr(const char *emailAdd
+
+ /* make it lower case */
+ while (*str) {
+- *str = tolower(*str);
++ *str = tolower((unsigned char)*str);
+ str++;
+ }
+
Index: pkgsrc/devel/nss/patches/patch-nss_lib_dbm_src_mktemp.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_dbm_src_mktemp.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_dbm_src_mktemp.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,15 @@
+$NetBSD: patch-nss_lib_dbm_src_mktemp.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/dbm/src/mktemp.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/dbm/src/mktemp.c
+@@ -137,7 +137,7 @@ _gettemp(char *path, register int *doope
+ if (*trv == 'z')
+ *trv++ = 'a';
+ else {
+- if (isdigit(*trv))
++ if (isdigit((unsigned char)*trv))
+ *trv = 'a';
+ else
+ ++*trv;
Index: pkgsrc/devel/nss/patches/patch-nss_lib_nss_nssinit.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_nss_nssinit.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_nss_nssinit.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,36 @@
+$NetBSD: patch-nss_lib_nss_nssinit.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/nss/nssinit.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/nss/nssinit.c
+@@ -1323,25 +1323,25 @@ NSS_VersionCheck(const char *importedVer
+ #define NSS_VERSION_VARIABLE __nss_base_version
+ #include "verref.h"
+
+- while (isdigit(*ptr)) {
++ while (isdigit((unsigned char)*ptr)) {
+ vmajor = 10 * vmajor + *ptr - '0';
+ ptr++;
+ }
+ if (*ptr == '.') {
+ ptr++;
+- while (isdigit(*ptr)) {
++ while (isdigit((unsigned char)*ptr)) {
+ vminor = 10 * vminor + *ptr - '0';
+ ptr++;
+ }
+ if (*ptr == '.') {
+ ptr++;
+- while (isdigit(*ptr)) {
++ while (isdigit((unsigned char)*ptr)) {
+ vpatch = 10 * vpatch + *ptr - '0';
+ ptr++;
+ }
+ if (*ptr == '.') {
+ ptr++;
+- while (isdigit(*ptr)) {
++ while (isdigit((unsigned char)*ptr)) {
+ vbuild = 10 * vbuild + *ptr - '0';
+ ptr++;
+ }
Index: pkgsrc/devel/nss/patches/patch-nss_lib_softoken_legacydb_lowcert.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_softoken_legacydb_lowcert.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_softoken_legacydb_lowcert.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,24 @@
+$NetBSD: patch-nss_lib_softoken_legacydb_lowcert.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/softoken/legacydb/lowcert.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/softoken/legacydb/lowcert.c
+@@ -615,7 +615,7 @@ nsslowcert_GetCertificateEmailAddress(NS
+ /* make it lower case */
+ str = emailAddr;
+ while (str && *str) {
+- *str = tolower(*str);
++ *str = tolower((unsigned char)*str);
+ str++;
+ }
+ return emailAddr;
+@@ -717,7 +717,7 @@ nsslowcert_FixupEmailAddr(char *emailAdd
+
+ /* make it lower case */
+ while (*str) {
+- *str = tolower(*str);
++ *str = tolower((unsigned char)*str);
+ str++;
+ }
+
Index: pkgsrc/devel/nss/patches/patch-nss_lib_util_oidstring.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_util_oidstring.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_util_oidstring.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,15 @@
+$NetBSD: patch-nss_lib_util_oidstring.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/util/oidstring.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/util/oidstring.c
+@@ -50,7 +50,7 @@ SEC_StringToOID(PLArenaPool *pool, SECIt
+ }
+ do {
+ PRUint32 decimal = 0;
+- while (len > 0 && isdigit(*from)) {
++ while (len > 0 && isdigit((unsigned char)*from)) {
+ PRUint32 addend = (*from++ - '0');
+ --len;
+ if (decimal > max_decimal) /* overflow */
Index: pkgsrc/devel/nss/patches/patch-nss_lib_util_portreg.c
diff -u /dev/null pkgsrc/devel/nss/patches/patch-nss_lib_util_portreg.c:1.1
--- /dev/null Thu Apr 7 19:08:40 2022
+++ pkgsrc/devel/nss/patches/patch-nss_lib_util_portreg.c Thu Apr 7 19:08:40 2022
@@ -0,0 +1,24 @@
+$NetBSD: patch-nss_lib_util_portreg.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/lib/util/portreg.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/lib/util/portreg.c
+@@ -275,7 +275,7 @@ _shexp_match(const char *str, const char
+ if (exp[y] == '\\')
+ ++y;
+ if (case_insensitive) {
+- matched |= (toupper(str[x]) == toupper(exp[y]));
++ matched |= (toupper((unsigned char)str[x]) == toupper((unsigned char)exp[y]));
+ } else {
+ matched |= (str[x] == exp[y]);
+ }
+@@ -299,7 +299,7 @@ _shexp_match(const char *str, const char
+ /* fall through */
+ default:
+ if (case_insensitive) {
+- if (toupper(str[x]) != toupper(exp[y]))
++ if (toupper((unsigned char)str[x]) != toupper((unsigned char)exp[y]))
+ return NOMATCH;
+ } else {
+ if (str[x] != exp[y])
Home |
Main Index |
Thread Index |
Old Index