pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/www/dillo
Module Name: pkgsrc
Committed By: leot
Date: Sun Jan 18 13:00:41 UTC 2026
Modified Files:
pkgsrc/www/dillo: Makefile distinfo
Added Files:
pkgsrc/www/dillo/patches: patch-dlib_dlib.c patch-dlib_dlib.h
patch-dpi_bookmarks.c patch-dpi_cookies.c patch-dpi_datauri.c
patch-dpi_downloads.cc patch-dpi_dpiutil.c patch-dpi_file.c
patch-dpi_ftp.c patch-dpid_dpidc.c patch-dpip_dpip.c
patch-dw_findtext.hh patch-dw_fltkui.cc patch-dw_style.cc
patch-dw_textblock.cc patch-lout_misc.cc patch-src_IO_dpi.c
patch-src_IO_http.c patch-src_IO_tls__openssl.c patch-src_auth.c
patch-src_colors.c patch-src_cookies.c patch-src_cssparser.cc
patch-src_hsts.c patch-src_html.cc patch-src_keys.cc
patch-src_misc.c patch-src_table.cc patch-src_url.c
patch-src_xembed.cc patch-test_dw_dw__anchors__test.cc
patch-test_unit_cookies.c
Log Message:
dillo: Avoid ctype(3) abuses
Backport a patch shared and applied upstream via commit
5e2bc90ea2f80dce3a20ef9c1a282e11d6d67236 to stop abusing ctype(3) functions.
Now dillo should no longer crashes due ctype(3) on NetBSD>=11.
PKGREVISION++
To generate a diff of this commit:
cvs rdiff -u -r1.97 -r1.98 pkgsrc/www/dillo/Makefile
cvs rdiff -u -r1.46 -r1.47 pkgsrc/www/dillo/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/www/dillo/patches/patch-dlib_dlib.c \
pkgsrc/www/dillo/patches/patch-dlib_dlib.h \
pkgsrc/www/dillo/patches/patch-dpi_bookmarks.c \
pkgsrc/www/dillo/patches/patch-dpi_cookies.c \
pkgsrc/www/dillo/patches/patch-dpi_datauri.c \
pkgsrc/www/dillo/patches/patch-dpi_downloads.cc \
pkgsrc/www/dillo/patches/patch-dpi_dpiutil.c \
pkgsrc/www/dillo/patches/patch-dpi_file.c \
pkgsrc/www/dillo/patches/patch-dpi_ftp.c \
pkgsrc/www/dillo/patches/patch-dpid_dpidc.c \
pkgsrc/www/dillo/patches/patch-dpip_dpip.c \
pkgsrc/www/dillo/patches/patch-dw_findtext.hh \
pkgsrc/www/dillo/patches/patch-dw_fltkui.cc \
pkgsrc/www/dillo/patches/patch-dw_style.cc \
pkgsrc/www/dillo/patches/patch-dw_textblock.cc \
pkgsrc/www/dillo/patches/patch-lout_misc.cc \
pkgsrc/www/dillo/patches/patch-src_IO_dpi.c \
pkgsrc/www/dillo/patches/patch-src_IO_http.c \
pkgsrc/www/dillo/patches/patch-src_IO_tls__openssl.c \
pkgsrc/www/dillo/patches/patch-src_auth.c \
pkgsrc/www/dillo/patches/patch-src_colors.c \
pkgsrc/www/dillo/patches/patch-src_cookies.c \
pkgsrc/www/dillo/patches/patch-src_cssparser.cc \
pkgsrc/www/dillo/patches/patch-src_hsts.c \
pkgsrc/www/dillo/patches/patch-src_html.cc \
pkgsrc/www/dillo/patches/patch-src_keys.cc \
pkgsrc/www/dillo/patches/patch-src_misc.c \
pkgsrc/www/dillo/patches/patch-src_table.cc \
pkgsrc/www/dillo/patches/patch-src_url.c \
pkgsrc/www/dillo/patches/patch-src_xembed.cc \
pkgsrc/www/dillo/patches/patch-test_dw_dw__anchors__test.cc \
pkgsrc/www/dillo/patches/patch-test_unit_cookies.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/www/dillo/Makefile
diff -u pkgsrc/www/dillo/Makefile:1.97 pkgsrc/www/dillo/Makefile:1.98
--- pkgsrc/www/dillo/Makefile:1.97 Mon Dec 1 08:09:06 2025
+++ pkgsrc/www/dillo/Makefile Sun Jan 18 13:00:40 2026
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.97 2025/12/01 08:09:06 wiz Exp $
+# $NetBSD: Makefile,v 1.98 2026/01/18 13:00:40 leot Exp $
DISTNAME= dillo-3.2.0
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_GITHUB:=dillo-browser/}
GITHUB_TAG= v${PKGVERSION_NOREV}
Index: pkgsrc/www/dillo/distinfo
diff -u pkgsrc/www/dillo/distinfo:1.46 pkgsrc/www/dillo/distinfo:1.47
--- pkgsrc/www/dillo/distinfo:1.46 Fri Jan 31 14:33:17 2025
+++ pkgsrc/www/dillo/distinfo Sun Jan 18 13:00:40 2026
@@ -1,7 +1,39 @@
-$NetBSD: distinfo,v 1.46 2025/01/31 14:33:17 micha Exp $
+$NetBSD: distinfo,v 1.47 2026/01/18 13:00:40 leot Exp $
BLAKE2s (dillo-3.2.0.tar.gz) = 5316ef138218567801d7ed9491f69c8f30393f91f976ee6980ca9f47e764a2e1
SHA512 (dillo-3.2.0.tar.gz) = ff6aa64c79a5dac3bd5152e7501a20c129924c20df712003fc2cd0f18ab55886b0959aea4765f3c893e450e9f95781c10d393108cae8240804d4740f8121f066
Size (dillo-3.2.0.tar.gz) = 1459110 bytes
SHA1 (patch-configure.ac) = 9e3e7297b559dc70a3b1b61416bf1e97eeb23ca0
SHA1 (patch-dillo-install-hyphenation) = 27f3a481da421a691c4c39093f010c01abee2515
+SHA1 (patch-dlib_dlib.c) = 0a35c4817abcb5d7a230203962050955ce686c8a
+SHA1 (patch-dlib_dlib.h) = 62ba87d250be1fdc188fbac5a421e2014efdb807
+SHA1 (patch-dpi_bookmarks.c) = cf74d17876e59c8e710f0d659f2c228f92313f15
+SHA1 (patch-dpi_cookies.c) = a1919022ca3a4c9902b4c968a9e66ccc66aa1c9f
+SHA1 (patch-dpi_datauri.c) = 5cc8dc48d91ec3481557f38f6a48ef6d1adff3be
+SHA1 (patch-dpi_downloads.cc) = cacd04e64752b54d209c75d252295ca961080ac4
+SHA1 (patch-dpi_dpiutil.c) = 4f0360a2a58f3984ba1ae1edb09c544f72cc9c4e
+SHA1 (patch-dpi_file.c) = 64518eae1956f00b9785611ecec58573b6af7bd5
+SHA1 (patch-dpi_ftp.c) = a268148ec90e1d5441c0b764ecbf2ae5acca6db3
+SHA1 (patch-dpid_dpidc.c) = 5c20bdbb60a7a24b184b566e5ca91a56dbf56c41
+SHA1 (patch-dpip_dpip.c) = e4ba65b0aa04911484db5b7e337966b22a1e4d5c
+SHA1 (patch-dw_findtext.hh) = d3a27f547c0b3a13438172ba74850cd1854eb53b
+SHA1 (patch-dw_fltkui.cc) = 3e5479c554df3a0dfeaedc8baf05d04c85323f54
+SHA1 (patch-dw_style.cc) = b0116e1f31c6608878ba97007060744a7e91e9a4
+SHA1 (patch-dw_textblock.cc) = 3770f6253b073868123a1db543e5f81a3368f76b
+SHA1 (patch-lout_misc.cc) = c16df31edc312b5f87ec2c20c24432a4d0ba1072
+SHA1 (patch-src_IO_dpi.c) = 7b5f4e96ce4378a4d2a88bf36535b171bc38be6d
+SHA1 (patch-src_IO_http.c) = db2a04569bc9e089c22657052e3575810133575e
+SHA1 (patch-src_IO_tls__openssl.c) = da44290d7b7de51e794e81c12a91091feffab96d
+SHA1 (patch-src_auth.c) = e66959bfa05e7fd92204aaf08a585ffa3b53dcaa
+SHA1 (patch-src_colors.c) = d4818f021c70f1c9b8c71df6a515e726d4e4a374
+SHA1 (patch-src_cookies.c) = 9d9d4e63a7a774c010aa418d287f5cc9f5448491
+SHA1 (patch-src_cssparser.cc) = 780fedfba509e9fb2b2ab04debc9c9b182a0a868
+SHA1 (patch-src_hsts.c) = 6853fb438005120734853296c9bf339bb88876da
+SHA1 (patch-src_html.cc) = c8b61e3d90e724bf57b4ed3a94aa1f85a9f4e997
+SHA1 (patch-src_keys.cc) = 08c83bbc9e770711a1baa664a20003e17351f3db
+SHA1 (patch-src_misc.c) = 62ebb46459cea990b66abfa6f41423003d6d8793
+SHA1 (patch-src_table.cc) = 569e75efe38e84de52cdfa3523b17f12d51752c8
+SHA1 (patch-src_url.c) = 9826c9b1ca79e34e9d83b8f7e0e40dc82e4d3b14
+SHA1 (patch-src_xembed.cc) = 0960dc598bc47e8a713e37e9c6c7d9dc9f0a32fd
+SHA1 (patch-test_dw_dw__anchors__test.cc) = 2b14a0392027e382a89d46d0abad17cfde05c4d6
+SHA1 (patch-test_unit_cookies.c) = a0215d1bbc1ab6b3c45beb2d2c9b2041ce309468
Added files:
Index: pkgsrc/www/dillo/patches/patch-dlib_dlib.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dlib_dlib.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dlib_dlib.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-dlib_dlib.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dlib/dlib.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dlib/dlib.c
+@@ -24,7 +24,6 @@
+ #include <string.h>
+ #include <unistd.h>
+ #include <errno.h>
+-#include <ctype.h>
+ #include <time.h>
+
+ #include "dlib.h"
+@@ -525,7 +524,7 @@ const char *dStr_printable(Dstr *in, int
+ out = dStr_sized_new(in->len);
+
+ for (i = 0; (i < in->len) && (out->len < maxlen); ++i) {
+- if (isprint(in->str[i]) || (in->str[i] == '\n')) {
++ if (dIsprint(in->str[i]) || (in->str[i] == '\n')) {
+ dStr_append_c(out, in->str[i]);
+ } else {
+ dStr_append_l(out, "\\x", 2);
Index: pkgsrc/www/dillo/patches/patch-dlib_dlib.h
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dlib_dlib.h:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dlib_dlib.h Sun Jan 18 13:00:40 2026
@@ -0,0 +1,42 @@
+$NetBSD: patch-dlib_dlib.h,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dlib/dlib.h.orig 2025-01-18 10:51:30.000000000 +0000
++++ dlib/dlib.h
+@@ -1,6 +1,7 @@
+ #ifndef __DLIB_H__
+ #define __DLIB_H__
+
++#include <ctype.h>
+ #include <stdio.h> /* for FILE* */
+ #include <stddef.h> /* for size_t */
+ #include <stdarg.h> /* for va_list */
+@@ -30,8 +31,15 @@ extern "C" {
+ #define MIN(a, b) (((a) < (b)) ? (a) : (b))
+
+ /* Handle signed char */
+-#define dIsspace(c) isspace((uchar_t)(c))
+ #define dIsalnum(c) isalnum((uchar_t)(c))
++#define dIsalpha(c) isalpha((uchar_t)(c))
++#define dIscntrl(c) iscntrl((uchar_t)(c))
++#define dIsdigit(c) isdigit((uchar_t)(c))
++#define dIsprint(c) isprint((uchar_t)(c))
++#define dIspunct(c) ispunct((uchar_t)(c))
++#define dIsspace(c) isspace((uchar_t)(c))
++#define dIsxdigit(c) isxdigit((uchar_t)(c))
++#define dTolower(c) tolower((uchar_t)(c))
+
+ #define D_ASCII_TOUPPER(c) (((c) >= 'a' && (c) <= 'z') ? (c) - 0x20 : (c))
+ #define D_ASCII_TOLOWER(c) (((c) >= 'A' && (c) <= 'Z') ? (c) + 0x20 : (c))
Index: pkgsrc/www/dillo/patches/patch-dpi_bookmarks.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_bookmarks.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_bookmarks.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,131 @@
+$NetBSD: patch-dpi_bookmarks.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/bookmarks.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/bookmarks.c
+@@ -26,7 +26,6 @@
+ #include <string.h>
+ #include <unistd.h>
+ #include <errno.h>
+-#include <ctype.h>
+ #include <sys/socket.h>
+ #include <sys/stat.h>
+ #include <sys/types.h>
+@@ -338,8 +337,8 @@ static void Unencode_str(char *e_str)
+ *p = '\n';
+ e += 5;
+ } else {
+- *p = (isdigit(e[1]) ? (e[1] - '0') : (e[1] - 'A' + 10)) * 16 +
+- (isdigit(e[2]) ? (e[2] - '0') : (e[2] - 'A' + 10));
++ *p = (dIsdigit(e[1]) ? (e[1] - '0') : (e[1] - 'A' + 10)) * 16 +
++ (dIsdigit(e[2]) ? (e[2] - '0') : (e[2] - 'A' + 10));
+ e += 2;
+ }
+ } else {
+@@ -807,11 +806,11 @@ static void Bmsrv_count_urls_and_section
+ *n_sec = *n_url = 0;
+ if ((p = strchr(url, '?'))) {
+ for (q = p; (q = strstr(q, "&url")); ++q) {
+- for (i = 0; isdigit(q[4+i]); ++i);
++ for (i = 0; dIsdigit(q[4+i]); ++i);
+ *n_url += (q[4+i] == '=') ? 1 : 0;
+ }
+ for (q = p; (q = strstr(q, "&s")); ++q) {
+- for (i = 0; isdigit(q[2+i]); ++i);
++ for (i = 0; dIsdigit(q[2+i]); ++i);
+ *n_sec += (q[2+i] == '=') ? 1 : 0;
+ }
+ }
+@@ -972,7 +971,7 @@ static int Bmsrv_send_modify_update(Dsh
+ /* send items here */
+ p = strchr(url1, '?');
+ for (q = p; (q = strstr(q, "&s")); ++q) {
+- for (i = 0; isdigit(q[2+i]); ++i);
++ for (i = 0; dIsdigit(q[2+i]); ++i);
+ if (q[2+i] == '=') {
+ key = strtol(q + 2, NULL, 10);
+ if ((sec_node = Bms_get_sec(key))) {
+@@ -992,7 +991,7 @@ static int Bmsrv_send_modify_update(Dsh
+ /* send items here */
+ p = strchr(url1, '?');
+ for (q = p; (q = strstr(q, "&url")); ++q) {
+- for (i = 0; isdigit(q[4+i]); ++i);
++ for (i = 0; dIsdigit(q[4+i]); ++i);
+ if (q[4+i] == '=') {
+ key = strtol(q + 4, NULL, 10);
+ bm_node = Bms_get(key);
+@@ -1060,7 +1059,7 @@ static int Bmsrv_modify_delete(char *url
+ /* Remove marked sections */
+ p = strchr(url, '?');
+ for (ns = 0; (p = strstr(p, "&s")); ++p) {
+- if (isdigit(p[2])) {
++ if (dIsdigit(p[2])) {
+ key = strtol(p + 2, NULL, 10);
+ Bms_sec_del(key);
+ ++ns;
+@@ -1070,7 +1069,7 @@ static int Bmsrv_modify_delete(char *url
+ /* Remove marked urls */
+ p = strchr(url, '?');
+ for (nb = 0; (p = strstr(p, "&url")); ++p) {
+- if (isdigit(p[4])) {
++ if (dIsdigit(p[4])) {
+ key = strtol(p + 4, NULL, 10);
+ Bms_del(key);
+ ++nb;
+@@ -1105,7 +1104,7 @@ static int Bmsrv_modify_move(char *url)
+
+ /* get target section */
+ for (p = url; (p = strstr(p, "&s")); ++p) {
+- if (isdigit(p[2])) {
++ if (dIsdigit(p[2])) {
+ section = strtol(p + 2, NULL, 10);
+ break;
+ }
+@@ -1116,7 +1115,7 @@ static int Bmsrv_modify_move(char *url)
+ /* move marked urls */
+ p = strchr(url, '?');
+ for (n = 0; (p = strstr(p, "&url")); ++p) {
+- if (isdigit(p[4])) {
++ if (dIsdigit(p[4])) {
+ key = strtol(p + 4, NULL, 10);
+ Bms_move(key, section);
+ ++n;
+@@ -1145,7 +1144,7 @@ static int Bmsrv_modify_update(char *url
+ p = strchr(url, '?');
+ for ( ; (p = strstr(p, "s")); ++p) {
+ if (p[-1] == '&' || p[-1] == '?' ) {
+- for (i = 0; isdigit(p[1 + i]); ++i);
++ for (i = 0; dIsdigit(p[1 + i]); ++i);
+ if (i && p[1 + i] == '=') {
+ /* we have a title/key to change */
+ key = strtol(p + 1, NULL, 10);
+@@ -1164,7 +1163,7 @@ static int Bmsrv_modify_update(char *url
+ p = strchr(url, '?');
+ for ( ; (p = strstr(p, "title")); ++p) {
+ if (p[-1] == '&' || p[-1] == '?' ) {
+- for (i = 0; isdigit(p[5 + i]); ++i);
++ for (i = 0; dIsdigit(p[5 + i]); ++i);
+ if (i && p[5 + i] == '=') {
+ /* we have a title/key to change */
+ key = strtol(p + 5, NULL, 10);
+@@ -1229,7 +1228,7 @@ static int Bmsrv_modify_add_url(Dsh *sh,
+ if (sh == NULL) {
+ /* look for section */
+ for (q = s_url; (q = strstr(q, "&s")); ++q) {
+- for (i = 0; isdigit(q[2+i]); ++i);
++ for (i = 0; dIsdigit(q[2+i]); ++i);
+ if (q[2+i] == '=')
+ section = strtol(q + 2, NULL, 10);
+ }
Index: pkgsrc/www/dillo/patches/patch-dpi_cookies.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_cookies.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_cookies.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,82 @@
+$NetBSD: patch-dpi_cookies.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/cookies.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/cookies.c
+@@ -44,7 +44,6 @@ int main(void)
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <time.h> /* for time() and time_t */
+-#include <ctype.h>
+ #include <limits.h>
+ #include <netdb.h>
+ #include <signal.h>
+@@ -487,14 +486,14 @@ static int Cookies_get_timefield(const c
+ int n;
+ const char *s = *str;
+
+- if (!isdigit(*s))
++ if (!dIsdigit(*s))
+ return -1;
+
+ n = *(s++) - '0';
+- if (isdigit(*s)) {
++ if (dIsdigit(*s)) {
+ n *= 10;
+ n += *(s++) - '0';
+- if (isdigit(*s))
++ if (dIsdigit(*s))
+ return -1;
+ }
+ *str = s;
+@@ -550,24 +549,24 @@ static bool_t Cookies_get_year(struct tm
+ int n;
+ const char *s = *str;
+
+- if (isdigit(*s))
++ if (dIsdigit(*s))
+ n = *(s++) - '0';
+ else
+ return FALSE;
+- if (isdigit(*s)) {
++ if (dIsdigit(*s)) {
+ n *= 10;
+ n += *(s++) - '0';
+ } else
+ return FALSE;
+- if (isdigit(*s)) {
++ if (dIsdigit(*s)) {
+ n *= 10;
+ n += *(s++) - '0';
+ }
+- if (isdigit(*s)) {
++ if (dIsdigit(*s)) {
+ n *= 10;
+ n += *(s++) - '0';
+ }
+- if (isdigit(*s)) {
++ if (dIsdigit(*s)) {
+ /* Sorry, users of prehistoric software in the year 10000! */
+ return FALSE;
+ }
+@@ -936,7 +935,7 @@ static CookieData_t *Cookies_parse(char
+ cookie->domain = value;
+ } else if (dStrAsciiCasecmp(attr, "Max-Age") == 0) {
+ value = Cookies_parse_value(&str);
+- if (isdigit(*value) || *value == '-') {
++ if (dIsdigit(*value) || *value == '-') {
+ long age;
+ time_t now = time(NULL);
+ struct tm *tm = gmtime(&now);
Index: pkgsrc/www/dillo/patches/patch-dpi_datauri.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_datauri.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_datauri.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-dpi_datauri.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/datauri.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/datauri.c
+@@ -15,7 +15,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#include <ctype.h>
+ #include <errno.h>
+
+ #include "../dpip/dpip.h"
+@@ -45,7 +44,7 @@ static void b64strip_illegal_chars(unsig
+ MSG("len=%d{%s}\n", strlen((char*)str), str);
+
+ for (p = s; (*p = *s); ++s) {
+- if (d_isascii(*p) && (isalnum(*p) || strchr("+/=", *p)))
++ if (d_isascii(*p) && (dIsalnum(*p) || strchr("+/=", *p)))
+ ++p;
+ }
+
Index: pkgsrc/www/dillo/patches/patch-dpi_downloads.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_downloads.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_downloads.cc Sun Jan 18 13:00:40 2026
@@ -0,0 +1,59 @@
+$NetBSD: patch-dpi_downloads.cc,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/downloads.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/downloads.cc
+@@ -20,7 +20,6 @@
+ #include <unistd.h>
+ #include <errno.h>
+ #include <fcntl.h>
+-#include <ctype.h>
+ #include <math.h>
+ #include <time.h>
+ #include <signal.h>
+@@ -513,7 +512,7 @@ void DLItem::log_text_add(const char *bu
+ case ST_newline:
+ if (*p == ' ') {
+ log_state = ST_discard;
+- } else if (isdigit(*p)) {
++ } else if (dIsdigit(*p)) {
+ *q++ = *p; log_state = ST_number;
+ } else if (*p == '\n') {
+ *q++ = *p;
+@@ -522,10 +521,10 @@ void DLItem::log_text_add(const char *bu
+ }
+ break;
+ case ST_number:
+- if (isdigit(*q++ = *p)) {
++ if (dIsdigit((*q++ = *p))) {
+ // keep here
+ } else if (*p == 'K') {
+- for (--q; isdigit(q[-1]); --q) ;
++ for (--q; dIsdigit(q[-1]); --q) ;
+ log_state = ST_discard;
+ } else {
+ log_state = ST_copy;
+@@ -549,9 +548,9 @@ void DLItem::log_text_add(const char *bu
+ // Now scan for the length of the file
+ if (total_bytesize == -1) {
+ p = strstr(log_text, "\nLength: ");
+- if (p && isdigit(p[9]) && strchr(p + 9, ' ')) {
++ if (p && dIsdigit(p[9]) && strchr(p + 9, ' ')) {
+ for (p += 9, d = &num[0]; *p != ' '; ++p)
+- if (isdigit(*p))
++ if (dIsdigit(*p))
+ *d++ = *p;
+ *d = 0;
+ total_bytesize = strtol (num, NULL, 10);
Index: pkgsrc/www/dillo/patches/patch-dpi_dpiutil.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_dpiutil.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_dpiutil.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,39 @@
+$NetBSD: patch-dpi_dpiutil.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/dpiutil.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/dpiutil.c
+@@ -14,7 +14,6 @@
+ #include <stdio.h>
+ #include <stdarg.h>
+ #include <string.h>
+-#include <ctype.h>
+ #include <errno.h>
+ #include <sys/socket.h>
+
+@@ -67,10 +66,10 @@ char *Unescape_uri_str(const char *s)
+
+ if (strchr(s, '%')) {
+ for (p = buf; (*p = *s); ++s, ++p) {
+- if (*p == '%' && isxdigit(s[1]) && isxdigit(s[2])) {
+- *p = (isdigit(s[1]) ? (s[1] - '0')
++ if (*p == '%' && dIsxdigit(s[1]) && dIsxdigit(s[2])) {
++ *p = (dIsdigit(s[1]) ? (s[1] - '0')
+ : D_ASCII_TOUPPER(s[1]) - 'A' + 10) * 16;
+- *p += isdigit(s[2]) ? (s[2] - '0')
++ *p += dIsdigit(s[2]) ? (s[2] - '0')
+ : D_ASCII_TOUPPER(s[2]) - 'A' + 10;
+ s += 2;
+ }
Index: pkgsrc/www/dillo/patches/patch-dpi_file.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_file.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_file.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-dpi_file.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/file.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/file.c
+@@ -16,7 +16,6 @@
+ * With new HTML layout.
+ */
+
+-#include <ctype.h> /* for isspace */
+ #include <errno.h> /* for errno */
+ #include <stdio.h>
+ #include <stdlib.h>
Index: pkgsrc/www/dillo/patches/patch-dpi_ftp.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpi_ftp.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpi_ftp.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-dpi_ftp.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpi/ftp.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpi/ftp.c
+@@ -39,7 +39,6 @@
+ #include <sys/wait.h>
+ #include <errno.h>
+ #include <sys/time.h>
+-#include <ctype.h>
+
+ #include "../dpip/dpip.h"
+ #include "dpiutil.h"
Index: pkgsrc/www/dillo/patches/patch-dpid_dpidc.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpid_dpidc.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpid_dpidc.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-dpid_dpidc.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpid/dpidc.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpid/dpidc.c
+@@ -12,7 +12,6 @@
+ #include <stdlib.h> /* for exit */
+ #include <string.h> /* for memset */
+ #include <unistd.h> /* for read and write */
+-#include <ctype.h> /* for isxdigit */
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+@@ -59,7 +58,7 @@ static int Dpi_read_comm_keys(int *port)
+ MSG_ERR("[Dpi_read_comm_keys] empty file: %s\n", fname);
+ } else {
+ *port = strtol(rcline, &tail, 10);
+- for (i = 0; *tail && isxdigit(tail[i+1]); ++i)
++ for (i = 0; *tail && dIsxdigit(tail[i+1]); ++i)
+ SharedKey[i] = tail[i+1];
+ SharedKey[i] = 0;
+ ret = 1;
Index: pkgsrc/www/dillo/patches/patch-dpip_dpip.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dpip_dpip.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dpip_dpip.c Sun Jan 18 13:00:40 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-dpip_dpip.c,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dpip/dpip.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ dpip/dpip.c
+@@ -15,7 +15,6 @@
+ #include <stdlib.h>
+ #include <stdarg.h>
+ #include <string.h>
+-#include <ctype.h>
+ #include <unistd.h> /* for close */
+ #include <fcntl.h> /* for fcntl */
+
+@@ -220,7 +219,7 @@ int a_Dpip_check_auth(const char *auth_t
+ } else {
+ port = strtol(rcline, &tail, 10);
+ if (tail && port != 0) {
+- for (i = 0; *tail && isxdigit(tail[i+1]); ++i)
++ for (i = 0; *tail && dIsxdigit(tail[i+1]); ++i)
+ SharedSecret[i] = tail[i+1];
+ SharedSecret[i] = 0;
+ if (strcmp(msg, SharedSecret) == 0)
Index: pkgsrc/www/dillo/patches/patch-dw_findtext.hh
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dw_findtext.hh:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dw_findtext.hh Sun Jan 18 13:00:40 2026
@@ -0,0 +1,37 @@
+$NetBSD: patch-dw_findtext.hh,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dw/findtext.hh.orig 2025-01-18 10:51:30.000000000 +0000
++++ dw/findtext.hh
+@@ -5,7 +5,7 @@
+ # error Do not include this file directly, use "core.hh" instead.
+ #endif
+
+-#include <ctype.h>
++#include "dlib/dlib.h"
+
+ namespace dw {
+ namespace core {
+@@ -66,8 +66,8 @@ private:
+ bool search0 (bool backwards, bool firstTrial);
+
+ inline static bool charsEqual (char c1, char c2, bool caseSens)
+- { return caseSens ? c1 == c2 : tolower (c1) == tolower (c2) ||
+- (isspace (c1) && isspace (c2)); }
++ { return caseSens ? c1 == c2 : dTolower (c1) == dTolower (c2) ||
++ (dIsspace (c1) && dIsspace (c2)); }
+
+ public:
+ FindtextState ();
Index: pkgsrc/www/dillo/patches/patch-dw_fltkui.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dw_fltkui.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dw_fltkui.cc Sun Jan 18 13:00:40 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-dw_fltkui.cc,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dw/fltkui.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ dw/fltkui.cc
+@@ -365,14 +365,14 @@ int CustChoice::handle(int e)
+ if (k == FL_Enter || k == FL_Down) {
+ return Fl_Choice::handle(FL_PUSH); // activate menu
+
+- } else if (isalnum(k)) { // try key as shortcut to menuitem
++ } else if (dIsalnum(k)) { // try key as shortcut to menuitem
+ int t = value()+1 >= size() ? 0 : value()+1;
+ while (t != value()) {
+ const Fl_Menu_Item *mi = &(menu()[t]);
+ if (mi->submenu()) // submenu?
+ ;
+ else if (mi->label() && mi->active()) { // menu item?
+- if (k == tolower(mi->label()[0])) {
++ if (k == dTolower(mi->label()[0])) {
+ value(mi);
+ return 1; // Let FLTK know we used this key
+ }
Index: pkgsrc/www/dillo/patches/patch-dw_style.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dw_style.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dw_style.cc Sun Jan 18 13:00:40 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-dw_style.cc,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dw/style.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ dw/style.cc
+@@ -20,7 +20,6 @@
+ #include <stdio.h>
+ #include <string.h>
+ #include <unistd.h>
+-#include <ctype.h>
+ #include <math.h>
+
+ #include "dlib/dlib.h"
Index: pkgsrc/www/dillo/patches/patch-dw_textblock.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-dw_textblock.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-dw_textblock.cc Sun Jan 18 13:00:40 2026
@@ -0,0 +1,52 @@
+$NetBSD: patch-dw_textblock.cc,v 1.1 2026/01/18 13:00:40 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- dw/textblock.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ dw/textblock.cc
+@@ -1238,14 +1238,14 @@ void Textblock::drawText(core::View *vie
+ bool initial_seen = false;
+
+ for (int i = 0; i < start; i++)
+- if (!ispunct(text[i]))
++ if (!dIspunct(text[i]))
+ initial_seen = true;
+ if (initial_seen)
+ break;
+
+ int after = 0;
+ text += start;
+- while (ispunct(text[after]))
++ while (dIspunct(text[after]))
+ after++;
+ if (text[after])
+ after = layout->nextGlyph(text, after);
+@@ -1931,7 +1931,7 @@ int Textblock::textWidth(const char *tex
+ bool initial_seen = false;
+
+ for (int i = 0; i < start; i++)
+- if (!ispunct(text[i]))
++ if (!dIspunct(text[i]))
+ initial_seen = true;
+ if (initial_seen) {
+ ret = layout->textWidth(style->font, text+start, len);
+@@ -1939,7 +1939,7 @@ int Textblock::textWidth(const char *tex
+ int after = 0;
+
+ text += start;
+- while (ispunct(text[after]))
++ while (dIspunct(text[after]))
+ after++;
+ if (text[after])
+ after = layout->nextGlyph(text, after);
Index: pkgsrc/www/dillo/patches/patch-lout_misc.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-lout_misc.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-lout_misc.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-lout_misc.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- lout/misc.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ lout/misc.cc
+@@ -21,7 +21,6 @@
+
+ #include "misc.hh"
+
+-#include <ctype.h>
+ #include <config.h>
+
+ #define PRGNAME PACKAGE "/" VERSION
Index: pkgsrc/www/dillo/patches/patch-src_IO_dpi.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_IO_dpi.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_IO_dpi.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-src_IO_dpi.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/IO/dpi.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/IO/dpi.c
+@@ -25,7 +25,6 @@
+ #include <stdio.h>
+ #include <errno.h> /* for errno */
+ #include <fcntl.h>
+-#include <ctype.h> /* isxdigit */
+ #include <stdint.h>
+
+ #include <sys/socket.h>
+@@ -404,7 +403,7 @@ static int Dpi_read_comm_keys(int *port)
+ MSG_ERR("[Dpi_read_comm_keys] empty file: %s\n", fname);
+ } else {
+ *port = strtol(rcline, &tail, 10);
+- for (i = 0; *tail && isxdigit(tail[i+1]); ++i)
++ for (i = 0; *tail && dIsxdigit(tail[i+1]); ++i)
+ SharedKey[i] = tail[i+1];
+ SharedKey[i] = 0;
+ ret = 1;
Index: pkgsrc/www/dillo/patches/patch-src_IO_http.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_IO_http.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_IO_http.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-src_IO_http.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/IO/http.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/IO/http.c
+@@ -17,7 +17,6 @@
+
+ #include <config.h>
+
+-#include <ctype.h> /* isdigit */
+ #include <unistd.h>
+ #include <errno.h> /* for errno */
+ #include <stdlib.h>
+@@ -701,7 +700,7 @@ static char *Http_get_connect_str(const
+ dstr = dStr_new("");
+ auth1 = URL_AUTHORITY(url);
+ auth_len = strlen(auth1);
+- if (auth_len > 0 && !isdigit(auth1[auth_len - 1]))
++ if (auth_len > 0 && !dIsdigit(auth1[auth_len - 1]))
+ /* if no port number, add HTTPS port */
+ auth2 = dStrconcat(auth1, ":443", NULL);
+ else
Index: pkgsrc/www/dillo/patches/patch-src_IO_tls__openssl.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_IO_tls__openssl.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_IO_tls__openssl.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,51 @@
+$NetBSD: patch-src_IO_tls__openssl.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/IO/tls_openssl.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/IO/tls_openssl.c
+@@ -39,7 +39,6 @@
+ #include <sys/stat.h>
+ #include <sys/types.h>
+
+-#include <ctype.h> /* tolower for wget stuff */
+ #include <stdio.h>
+ #include <errno.h>
+ #include "../../dlib/dlib.h"
+@@ -576,13 +575,13 @@ static bool_t pattern_match (const char
+
+ const char *p = pattern, *n = string;
+ char c;
+- for (; (c = tolower (*p++)) != '\0'; n++)
++ for (; (c = dTolower (*p++)) != '\0'; n++)
+ if (c == '*')
+ {
+- for (c = tolower (*p); c == '*'; c = tolower (*++p))
++ for (c = dTolower (*p); c == '*'; c = dTolower (*++p))
+ ;
+ for (; *n != '\0'; n++)
+- if (tolower (*n) == c && pattern_match (p, n))
++ if (dTolower (*n) == c && pattern_match (p, n))
+ return TRUE;
+ #ifdef ASTERISK_EXCLUDES_DOT
+ else if (*n == '.')
+@@ -592,7 +591,7 @@ static bool_t pattern_match (const char
+ }
+ else
+ {
+- if (c != tolower (*n))
++ if (c != dTolower (*n))
+ return FALSE;
+ }
+ return *n == '\0';
Index: pkgsrc/www/dillo/patches/patch-src_auth.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_auth.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_auth.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-src_auth.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/auth.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/auth.c
+@@ -17,7 +17,6 @@
+ */
+
+
+-#include <ctype.h> /* iscntrl, isascii */
+ #include "auth.h"
+ #include "msg.h"
+ #include "misc.h"
+@@ -105,7 +104,7 @@ static int Auth_path_is_inside(const cha
+ static int Auth_is_token_char(char c)
+ {
+ const char *invalid = "\"()<>@,;:\\[]?=/{} \t";
+- return (!d_isascii(c) || strchr(invalid, c) || iscntrl((uchar_t)c)) ? 0 : 1;
++ return (!d_isascii(c) || strchr(invalid, c) || dIscntrl(c)) ? 0 : 1;
+ }
+
+ /**
Index: pkgsrc/www/dillo/patches/patch-src_colors.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_colors.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_colors.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,31 @@
+$NetBSD: patch-src_colors.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/colors.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/colors.c
+@@ -11,11 +11,12 @@
+
+ #include <string.h>
+ #include <stdlib.h>
+-#include <ctype.h>
+ #include "colors.h"
+
+ #include "msg.h"
+
++#include "../dlib/dlib.h"
++
+ /*
+ * If EXTENDED_COLOR is defined, the extended set of named colors is supported.
+ * These colors're not standard but they're supported in most browsers.
Index: pkgsrc/www/dillo/patches/patch-src_cookies.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_cookies.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_cookies.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-src_cookies.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/cookies.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/cookies.c
+@@ -36,7 +36,6 @@ void a_Cookies_init(void)
+ #include <unistd.h>
+ #include <stdlib.h>
+ #include <stdio.h>
+-#include <ctype.h>
+ #include <errno.h>
+
+ #include "IO/Url.h"
Index: pkgsrc/www/dillo/patches/patch-src_cssparser.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_cssparser.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_cssparser.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,111 @@
+$NetBSD: patch-src_cssparser.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/cssparser.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/cssparser.cc
+@@ -16,7 +16,6 @@
+ * a dillo1 based CSS prototype written by Sebastian Geerken.
+ */
+
+-#include <ctype.h>
+ #include <stdlib.h>
+ #include <stdio.h>
+
+@@ -530,7 +529,7 @@ void CssParser::nextToken()
+
+ while (true) {
+ c = getChar();
+- if (isspace(c)) { // ignore whitespace
++ if (dIsspace(c)) { // ignore whitespace
+ spaceSeparated = true;
+ } else if (skipString(c, "/*")) { // ignore comments
+ do {
+@@ -550,7 +549,7 @@ void CssParser::nextToken()
+ c = getChar();
+ }
+
+- if (isdigit(c)) {
++ if (dIsdigit(c)) {
+ ttype = CSS_TK_DECINT;
+ do {
+ if (i < maxStrLen - 1) {
+@@ -558,7 +557,7 @@ void CssParser::nextToken()
+ }
+ /* else silently truncated */
+ c = getChar();
+- } while (isdigit(c));
++ } while (dIsdigit(c));
+ if (c != '.')
+ ungetChar();
+
+@@ -567,7 +566,7 @@ void CssParser::nextToken()
+
+ if (c == '.') {
+ c = getChar();
+- if (isdigit(c)) {
++ if (dIsdigit(c)) {
+ ttype = CSS_TK_FLOAT;
+ if (i < maxStrLen - 1)
+ tval[i++] = '.';
+@@ -576,7 +575,7 @@ void CssParser::nextToken()
+ tval[i++] = c;
+ /* else silently truncated */
+ c = getChar();
+- } while (isdigit(c));
++ } while (dIsdigit(c));
+
+ ungetChar();
+ tval[i] = 0;
+@@ -604,13 +603,13 @@ void CssParser::nextToken()
+ c = getChar();
+ }
+
+- if (isalpha(c) || c == '_' || c == '-') {
++ if (dIsalpha(c) || c == '_' || c == '-') {
+ ttype = CSS_TK_SYMBOL;
+
+ tval[0] = c;
+ i = 1;
+ c = getChar();
+- while (isalnum(c) || c == '_' || c == '-') {
++ while (dIsalnum(c) || c == '_' || c == '-') {
+ if (i < maxStrLen - 1) {
+ tval[i] = c;
+ i++;
+@@ -633,13 +632,13 @@ void CssParser::nextToken()
+ while (c != EOF && c != c1) {
+ if (c == '\\') {
+ d = getChar();
+- if (isxdigit(d)) {
++ if (dIsxdigit(d)) {
+ /* Read hex Unicode char. (Actually, strings are yet only 8
+ * bit.) */
+ hexbuf[0] = d;
+ j = 1;
+ d = getChar();
+- while (j < 4 && isxdigit(d)) {
++ while (j < 4 && dIsxdigit(d)) {
+ hexbuf[j] = d;
+ j++;
+ d = getChar();
+@@ -674,7 +673,7 @@ void CssParser::nextToken()
+ tval[0] = c;
+ i = 1;
+ c = getChar();
+- while (isxdigit(c)) {
++ while (dIsxdigit(c)) {
+ if (i < maxStrLen - 1) {
+ tval[i] = c;
+ i++;
Index: pkgsrc/www/dillo/patches/patch-src_hsts.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_hsts.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_hsts.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-src_hsts.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/hsts.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/hsts.c
+@@ -26,7 +26,6 @@
+ #include <time.h>
+ #include <errno.h>
+ #include <limits.h> /* for INT_MAX */
+-#include <ctype.h> /* for isspace */
+ #include <stdlib.h> /* for strtol */
+
+ #include "hsts.h"
+@@ -223,7 +222,7 @@ void a_Hsts_set(const char *header, cons
+ /* Get the value for the attribute and store it */
+ if (dStrAsciiCasecmp(attr, "max-age") == 0) {
+ value = Hsts_parse_value(&header);
+- if (isdigit(*value)) {
++ if (dIsdigit(*value)) {
+ errno = 0;
+ max_age = strtol(value, NULL, 10);
+ if (errno == ERANGE)
Index: pkgsrc/www/dillo/patches/patch-src_html.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_html.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_html.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,236 @@
+$NetBSD: patch-src_html.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/html.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/html.cc
+@@ -17,7 +17,6 @@
+ /*-----------------------------------------------------------------------------
+ * Includes
+ *---------------------------------------------------------------------------*/
+-#include <ctype.h> /* for isspace */
+ #include <string.h> /* for memcpy and memmove */
+ #include <stdlib.h>
+ #include <stdio.h> /* for sprintf */
+@@ -883,7 +882,7 @@ static const char *Html_parse_numeric_ch
+ errno = 0;
+
+ if (*s == 'x' || *s == 'X') {
+- if (isxdigit(*++s)) {
++ if (dIsxdigit(*++s)) {
+ /* strtol with base 16 accepts leading "0x" - we don't */
+ if (*s == '0' && s[1] == 'x') {
+ s++;
+@@ -892,7 +891,7 @@ static const char *Html_parse_numeric_ch
+ codepoint = strtol(s, &s, 16);
+ }
+ }
+- } else if (isdigit(*s)) {
++ } else if (dIsdigit(*s)) {
+ codepoint = strtol(s, &s, 10);
+ }
+ if (errno)
+@@ -984,7 +983,7 @@ static const char *Html_parse_named_char
+ char *s = tok;
+ const char *ret = NULL;
+
+- while (*++s && (isalnum(*s) || strchr(":_.-", *s))) ;
++ while (*++s && (dIsalnum(*s) || strchr(":_.-", *s))) ;
+ c = *s;
+ *s = '\0';
+ if (c != ';') {
+@@ -1051,7 +1050,7 @@ static const char *Html_parse_entity(Dil
+
+ if (*tok == '#') {
+ ret = Html_parse_numeric_charref(html, tok+1, is_attr, entsize);
+- } else if (isalpha(*tok)) {
++ } else if (dIsalpha(*tok)) {
+ ret = Html_parse_named_charref(html, tok, is_attr, entsize);
+ } else if (prefs.show_extra_warnings &&
+ (!(html->DocType == DT_HTML && html->DocTypeVersion >= 5.0f))) {
+@@ -1249,11 +1248,11 @@ static void Html_process_word(DilloHtml
+ /* all this overhead is to catch white-space entities */
+ Pword = a_Html_parse_entities(html, word, size);
+ for (start = i = 0; Pword[i]; start = i)
+- if (isspace(Pword[i])) {
+- while (Pword[++i] && isspace(Pword[i])) ;
++ if (dIsspace(Pword[i])) {
++ while (Pword[++i] && dIsspace(Pword[i])) ;
+ Html_process_space(html, Pword + start, i - start);
+ } else {
+- while (Pword[++i] && !isspace(Pword[i])) ;
++ while (Pword[++i] && !dIsspace(Pword[i])) ;
+ HT2TB(html)->addText(Pword + start, i - start, html->wordStyle ());
+ html->pre_column += i - start;
+ html->PreFirstChar = false;
+@@ -1287,8 +1286,8 @@ static void Html_process_word(DilloHtml
+ for (start = i = 0; word2[i]; start = i) {
+ int len;
+
+- if (isspace(word2[i])) {
+- while (word2[++i] && isspace(word2[i])) ;
++ if (dIsspace(word2[i])) {
++ while (word2[++i] && dIsspace(word2[i])) ;
+ Html_process_space(html, word2 + start, i - start);
+ } else if (!strncmp(word2+i, utf8_zero_width_space, 3)) {
+ i += 3;
+@@ -1300,7 +1299,7 @@ static void Html_process_word(DilloHtml
+ } else {
+ do {
+ i += len;
+- } while (word2[i] && !isspace(word2[i]) &&
++ } while (word2[i] && !dIsspace(word2[i]) &&
+ strncmp(word2+i, utf8_zero_width_space, 3) &&
+ (!a_Utf8_ideographic(word2+i, beyond_word2, &len)));
+ HT2TB(html)->addText(word2 + start, i - start, html->wordStyle ());
+@@ -1324,7 +1323,7 @@ static bool Html_match_tag(const char *t
+ return false;
+ }
+ /* The test for '/' is for xml compatibility: "empty/>" will be matched. */
+- if (i < tagsize && (isspace(tag[i]) || tag[i] == '>' || tag[i] == '/'))
++ if (i < tagsize && (dIsspace(tag[i]) || tag[i] == '>' || tag[i] == '/'))
+ return true;
+ return false;
+ }
+@@ -1441,7 +1440,7 @@ CssLength a_Html_parse_length (DilloHtml
+ l = CSS_CREATE_LENGTH(0.0, CSS_LENGTH_TYPE_AUTO);
+ else {
+ /* allow only whitespaces */
+- if (*end && !isspace (*end)) {
++ if (*end && !dIsspace (*end)) {
+ BUG_MSG("Garbage after length: '%s'.", attr);
+ l = CSS_CREATE_LENGTH(0.0, CSS_LENGTH_TYPE_AUTO);
+ }
+@@ -1487,10 +1486,10 @@ static int
+ int i;
+
+ for (i = 0; val[i]; ++i)
+- if (!d_isascii(val[i]) || !(isalnum(val[i]) || strchr(":_.-", val[i])))
++ if (!d_isascii(val[i]) || !(dIsalnum(val[i]) || strchr(":_.-", val[i])))
+ break;
+
+- if (val[i] || !(d_isascii(val[0]) && isalpha(val[0])))
++ if (val[i] || !(d_isascii(val[0]) && dIsalpha(val[0])))
+ BUG_MSG("%s attribute value \"%s\" is not of the form "
+ "'[A-Za-z][A-Za-z0-9:_.-]*'.", attrname, val);
+
+@@ -1537,8 +1536,8 @@ static void Html_parse_doctype(DilloHtml
+ /* Tag sanitization: Collapse whitespace between tokens
+ * and replace '\n' and '\r' with ' ' inside quoted strings. */
+ for (i = 0, p = ntag; *p; ++p) {
+- if (isspace(*p)) {
+- for (ntag[i++] = ' '; isspace(p[1]); ++p) ;
++ if (dIsspace(*p)) {
++ for (ntag[i++] = ' '; dIsspace(p[1]); ++p) ;
+ } else if ((quote = *p) == '"' || *p == '\'') {
+ for (ntag[i++] = *p++; (ntag[i] = *p) && ntag[i++] != quote; ++p) {
+ if (*p == '\n' || *p == '\r')
+@@ -2376,7 +2375,7 @@ misc::SimpleVector<int> *Html_read_coord
+ break;
+ coords->increase();
+ coords->set(coords->size() - 1, coord);
+- while (isspace(*newtail))
++ while (dIsspace(*newtail))
+ newtail++;
+ if (!*newtail)
+ break;
+@@ -4178,7 +4177,7 @@ static const char *Html_get_attr2(DilloH
+ for (i = 1; i < tagsize; ++i) {
+ switch (state) {
+ case SEEK_ATTR_START:
+- if (isspace(tag[i]))
++ if (dIsspace(tag[i]))
+ state = SEEK_TOKEN_START;
+ else if (tag[i] == '=')
+ state = SEEK_VALUE_START;
+@@ -4186,7 +4185,7 @@ static const char *Html_get_attr2(DilloH
+
+ case MATCH_ATTR_NAME:
+ if (!attrname[attr_pos] &&
+- (tag[i] == '=' || isspace(tag[i]) || tag[i] == '>')) {
++ (tag[i] == '=' || dIsspace(tag[i]) || tag[i] == '>')) {
+ Found = 1;
+ state = SEEK_TOKEN_START;
+ --i;
+@@ -4202,14 +4201,14 @@ static const char *Html_get_attr2(DilloH
+ case SEEK_TOKEN_START:
+ if (tag[i] == '=') {
+ state = SEEK_VALUE_START;
+- } else if (!isspace(tag[i])) {
++ } else if (!dIsspace(tag[i])) {
+ attr_pos = 0;
+ state = (Found) ? FINISHED : MATCH_ATTR_NAME;
+ --i;
+ }
+ break;
+ case SEEK_VALUE_START:
+- if (!isspace(tag[i])) {
++ if (!dIsspace(tag[i])) {
+ delimiter = (tag[i] == '"' || tag[i] == '\'') ? tag[i] : ' ';
+ i -= (delimiter == ' ');
+ state = (Found) ? GET_VALUE : SKIP_VALUE;
+@@ -4217,11 +4216,11 @@ static const char *Html_get_attr2(DilloH
+ break;
+
+ case SKIP_VALUE:
+- if ((delimiter == ' ' && isspace(tag[i])) || tag[i] == delimiter)
++ if ((delimiter == ' ' && dIsspace(tag[i])) || tag[i] == delimiter)
+ state = SEEK_TOKEN_START;
+ break;
+ case GET_VALUE:
+- if ((delimiter == ' ' && (isspace(tag[i]) || tag[i] == '>')) ||
++ if ((delimiter == ' ' && (dIsspace(tag[i]) || tag[i] == '>')) ||
+ tag[i] == delimiter) {
+ state = FINISHED;
+ } else if (tag[i] == '&' &&
+@@ -4252,10 +4251,10 @@ static const char *Html_get_attr2(DilloH
+ }
+
+ if (tag_parsing_flags & HTML_LeftTrim)
+- while (isspace(Buf->str[0]))
++ while (dIsspace(Buf->str[0]))
+ dStr_erase(Buf, 0, 1);
+ if (tag_parsing_flags & HTML_RightTrim)
+- while (Buf->len && isspace(Buf->str[Buf->len - 1]))
++ while (Buf->len && dIsspace(Buf->str[Buf->len - 1]))
+ dStr_truncate(Buf, Buf->len - 1);
+
+ return (Found) ? Buf->str : NULL;
+@@ -4349,14 +4348,14 @@ static int Html_write_raw(DilloHtml *htm
+ break;
+ }
+
+- if (isspace(buf[buf_index])) {
++ if (dIsspace(buf[buf_index])) {
+ /* whitespace: group all available whitespace */
+- while (++buf_index < bufsize && isspace(buf[buf_index])) ;
++ while (++buf_index < bufsize && dIsspace(buf[buf_index])) ;
+ Html_process_space(html, buf + token_start, buf_index - token_start);
+ token_start = buf_index;
+
+ } else if (buf[buf_index] == '<' && (ch = buf[buf_index + 1]) &&
+- (isalpha(ch) || strchr("/!?", ch)) ) {
++ (dIsalpha(ch) || strchr("/!?", ch)) ) {
+ /* Tag */
+ if (buf_index + 3 < bufsize && !strncmp(buf + buf_index, "<!--", 4)) {
+ /* Comment: search for close of comment, skipping over
+@@ -4422,7 +4421,7 @@ static int Html_write_raw(DilloHtml *htm
+ while (++buf_index < bufsize) {
+ buf_index += strcspn(buf + buf_index, " <\n\r\t\f\v");
+ if (buf[buf_index] == '<' && (ch = buf[buf_index + 1]) &&
+- !isalpha(ch) && !strchr("/!?", ch))
++ !dIsalpha(ch) && !strchr("/!?", ch))
+ continue;
+ break;
+ }
Index: pkgsrc/www/dillo/patches/patch-src_keys.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_keys.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_keys.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,43 @@
+$NetBSD: patch-src_keys.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/keys.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/keys.cc
+@@ -14,7 +14,6 @@
+ #include <stdio.h>
+ #include <stdlib.h> /* strtol */
+ #include <string.h>
+-#include <ctype.h>
+
+ #include "dlib/dlib.h"
+ #include "keys.hh"
+@@ -203,7 +202,7 @@ KeysCommand_t Keys::getKeyCmd()
+ KeyBinding_t keyNode;
+
+ keyNode.modifier = Fl::event_state() & (FL_SHIFT | FL_CTRL |FL_ALT|FL_META);
+- if (iscntrl(Fl::event_text()[0])) {
++ if (dIscntrl(Fl::event_text()[0])) {
+ keyNode.key = Fl::event_key();
+ } else {
+ const char *beyond = Fl::event_text() + Fl::event_length();
+@@ -326,7 +325,7 @@ void Keys::parseKey(char *key, char *com
+ }
+
+ // Skip space
+- for ( ; isspace(*key); ++key) ;
++ for ( ; dIsspace(*key); ++key) ;
+ // Get modifiers
+ while(*key == '<' && (p = strchr(key, '>'))) {
+ ++key;
Index: pkgsrc/www/dillo/patches/patch-src_misc.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_misc.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_misc.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,41 @@
+$NetBSD: patch-src_misc.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/misc.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/misc.c
+@@ -12,7 +12,6 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+-#include <ctype.h>
+ #include <assert.h>
+
+ #include "utf8.hh"
+@@ -222,13 +221,13 @@ void a_Misc_parse_content_type(const cha
+ if (!(str = type))
+ return;
+
+- for (s = str; *s && d_isascii((uchar_t)*s) && !iscntrl((uchar_t)*s) &&
++ for (s = str; *s && d_isascii((uchar_t)*s) && !dIscntrl(*s) &&
+ !strchr(tspecials_space, *s); s++) ;
+ if (major)
+ *major = dStrndup(str, s - str);
+
+ if (*s == '/') {
+- for (str = ++s; *s && d_isascii((uchar_t)*s) && !iscntrl((uchar_t)*s) &&
++ for (str = ++s; *s && d_isascii((uchar_t)*s) && !dIscntrl(*s) &&
+ !strchr(tspecials_space, *s); s++) ;
+ if (minor)
+ *minor = dStrndup(str, s - str);
Index: pkgsrc/www/dillo/patches/patch-src_table.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_table.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_table.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,26 @@
+$NetBSD: patch-src_table.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/table.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/table.cc
+@@ -51,7 +51,7 @@ void Html_tag_open_table(DilloHtml *html
+ CssLength cssLength;
+
+ if ((attrbuf = a_Html_get_attr(html, tag, tagsize, "border")))
+- border = isdigit(attrbuf[0]) ? strtol (attrbuf, NULL, 10) : 1;
++ border = dIsdigit(attrbuf[0]) ? strtol (attrbuf, NULL, 10) : 1;
+ if ((attrbuf = a_Html_get_attr(html, tag, tagsize, "cellspacing"))) {
+ cellspacing = strtol (attrbuf, NULL, 10);
+ if (html->DocType == DT_HTML && html->DocTypeVersion >= 5.0f)
Index: pkgsrc/www/dillo/patches/patch-src_url.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_url.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_url.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-src_url.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/url.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/url.c
+@@ -44,7 +44,6 @@
+
+ #include <stdlib.h>
+ #include <string.h>
+-#include <ctype.h>
+
+ #include "url.h"
+ #include "hsts.h"
Index: pkgsrc/www/dillo/patches/patch-src_xembed.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-src_xembed.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-src_xembed.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-src_xembed.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- src/xembed.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ src/xembed.cc
+@@ -10,7 +10,6 @@
+ */
+
+ #include <string.h>
+-#include <ctype.h>
+
+ #define FL_INTERNALS
+ #include <FL/Fl_Window.H>
Index: pkgsrc/www/dillo/patches/patch-test_dw_dw__anchors__test.cc
diff -u /dev/null pkgsrc/www/dillo/patches/patch-test_dw_dw__anchors__test.cc:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-test_dw_dw__anchors__test.cc Sun Jan 18 13:00:41 2026
@@ -0,0 +1,25 @@
+$NetBSD: patch-test_dw_dw__anchors__test.cc,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- test/dw/dw_anchors_test.cc.orig 2025-01-18 10:51:30.000000000 +0000
++++ test/dw/dw_anchors_test.cc
+@@ -20,7 +20,6 @@
+
+
+
+-#include <ctype.h>
+ #include <FL/Fl_Window.H>
+ #include <FL/Fl.H>
+
Index: pkgsrc/www/dillo/patches/patch-test_unit_cookies.c
diff -u /dev/null pkgsrc/www/dillo/patches/patch-test_unit_cookies.c:1.1
--- /dev/null Sun Jan 18 13:00:41 2026
+++ pkgsrc/www/dillo/patches/patch-test_unit_cookies.c Sun Jan 18 13:00:41 2026
@@ -0,0 +1,34 @@
+$NetBSD: patch-test_unit_cookies.c,v 1.1 2026/01/18 13:00:41 leot Exp $
+
+Avoid ctype(3) abuses
+
+Valid argument of ctype(3) functions must be either EOF or non-negative
+value within the range representable as unsigned char. Invalid values
+leads to undefined behavior.
+
+Add all missing d*() ctype(3) helper functions and switch to use them.
+
+Noticed by running dillo on NetBSD where dillo crashes due such
+abuses.
+
+See: https://lists.mailman3.com/hyperkitty/list/dillo-dev%mailman3.com@localhost/thread/L6QLXSD6UBDK3M5CMXQMRWD6ZB4C65MR/
+
+--- test/unit/cookies.c.orig 2025-01-18 10:51:30.000000000 +0000
++++ test/unit/cookies.c
+@@ -26,7 +26,6 @@
+ #include <stdarg.h> /* va_list */
+ #include <string.h> /* strchr */
+ #include <errno.h>
+-#include <ctype.h>
+ #include <time.h>
+ /* net */
+ #include <sys/types.h>
+@@ -126,7 +125,7 @@ static int Dpi_read_comm_keys(int *port)
+ MSG_ERR("[Dpi_read_comm_keys] empty file: %s\n", fname);
+ } else {
+ *port = strtol(rcline, &tail, 10);
+- for (i = 0; *tail && isxdigit(tail[i+1]); ++i)
++ for (i = 0; *tail && dIsxdigit(tail[i+1]); ++i)
+ SharedKey[i] = tail[i+1];
+ SharedKey[i] = 0;
+ ret = 1;
Home |
Main Index |
Thread Index |
Old Index