From c24f7e5b3483b595b125b146fd175bab0e27e229 Mon Sep 17 00:00:00 2001 From: Billy Robert O'Neal III Date: Mon, 11 May 2020 20:38:09 -0700 Subject: [PATCH] Fix invalid isspace call detected by PREfast MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit D:\vcpkg\toolsrc\include\catch2\catch.hpp(11285): warning C6330: 'char' passed as _Param_(1) when 'unsigned char' is required in call to 'isspace'. D:\vcpkg\toolsrc\include\catch2\catch.hpp(11288): warning C6330: 'char' passed as _Param_(1) when 'unsigned char' is required in call to 'isspace'. ISO/IEC 9899:2011: "7.4 Character handling "/1 [...] In all cases the argument is an int, the value of which shall be representable as an unsigned char or shall equal the value of the macro EOF. If the argument has any other value, the behavior is undefined. This means if isspace was passed a character like ñ it could corrupt memory without the static_cast to treat it as a positive value after integral promotion (and C libraries commonly use the int index supplied as a key into a table which result in out of bounds access if the resulting int is negative). --- src/catch2/catch_message.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/catch2/catch_message.cpp b/src/catch2/catch_message.cpp index 3d66a5f4..6c4a0989 100644 --- a/src/catch2/catch_message.cpp +++ b/src/catch2/catch_message.cpp @@ -48,10 +48,10 @@ namespace Catch { Capturer::Capturer( StringRef macroName, SourceLineInfo const& lineInfo, ResultWas::OfType resultType, StringRef names ) { auto trimmed = [&] (size_t start, size_t end) { - while (names[start] == ',' || isspace(names[start])) { + while (names[start] == ',' || isspace(static_cast(names[start]))) { ++start; } - while (names[end] == ',' || isspace(names[end])) { + while (names[end] == ',' || isspace(static_cast(names[end]))) { --end; } return names.substr(start, end - start + 1);