From b1dcdc5032f09cab0a5834476d85e999bb608ce6 Mon Sep 17 00:00:00 2001 From: Billy Robert O'Neal III Date: Mon, 11 May 2020 20:38:09 -0700 Subject: [PATCH] Fix invalid isspace call detected by PREfast MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit D:\vcpkg\toolsrc\include\catch2\catch.hpp(11285): warning C6330: 'char' passed as _Param_(1) when 'unsigned char' is required in call to 'isspace'. D:\vcpkg\toolsrc\include\catch2\catch.hpp(11288): warning C6330: 'char' passed as _Param_(1) when 'unsigned char' is required in call to 'isspace'. ISO/IEC 9899:2011: "7.4 Character handling "/1 [...] In all cases the argument is an int, the value of which shall be representable as an unsigned char or shall equal the value of the macro EOF. If the argument has any other value, the behavior is undefined. This means if isspace was passed a character like ñ it could corrupt memory without the static_cast to treat it as a positive value after integral promotion (and C libraries commonly use the int index supplied as a key into a table which result in out of bounds access if the resulting int is negative). --- include/internal/catch_message.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/internal/catch_message.cpp b/include/internal/catch_message.cpp index 64c817b7..97983a1e 100644 --- a/include/internal/catch_message.cpp +++ b/include/internal/catch_message.cpp @@ -69,10 +69,10 @@ namespace Catch { Capturer::Capturer( StringRef macroName, SourceLineInfo const& lineInfo, ResultWas::OfType resultType, StringRef names ) { auto trimmed = [&] (size_t start, size_t end) { - while (names[start] == ',' || isspace(names[start])) { + while (names[start] == ',' || isspace(static_cast(names[start]))) { ++start; } - while (names[end] == ',' || isspace(names[end])) { + while (names[end] == ',' || isspace(static_cast(names[end]))) { --end; } return names.substr(start, end - start + 1);