Author: breser Date: Wed Jul 3 17:30:21 2013 New Revision: 1499492 URL: http://svn.apache.org/r1499492 Log: Fix incorrect conversion of char to int in config file parsing.
See: https://www.securecoding.cert.org/confluence/display/seccode/STR34-C.+Cast+characters+to+unsigned+char+before+converting+to+larger+integer+sizes * subversion/libsvn_subr/config_file.c (parser_getc, parser_getc_plain): Before converting char to int cast to unsigned char. Modified: subversion/trunk/subversion/libsvn_subr/config_file.c Modified: subversion/trunk/subversion/libsvn_subr/config_file.c URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/libsvn_subr/config_file.c?rev=1499492&r1=1499491&r2=1499492&view=diff ============================================================================== --- subversion/trunk/subversion/libsvn_subr/config_file.c (original) +++ subversion/trunk/subversion/libsvn_subr/config_file.c Wed Jul 3 17:30:21 2013 @@ -94,7 +94,7 @@ parser_getc(parse_context_t *ctx, int *c } else if (ctx->buffer_pos < ctx->buffer_size) { - *c = ctx->parser_buffer[ctx->buffer_pos]; + *c = (unsigned char)ctx->parser_buffer[ctx->buffer_pos]; ctx->buffer_pos++; } else @@ -107,7 +107,7 @@ parser_getc(parse_context_t *ctx, int *c if (ctx->buffer_pos < ctx->buffer_size) { - *c = ctx->parser_buffer[ctx->buffer_pos]; + *c = (unsigned char)ctx->parser_buffer[ctx->buffer_pos]; ctx->buffer_pos++; } else @@ -131,7 +131,7 @@ parser_getc_plain(parse_context_t *ctx, { if (ctx->buffer_pos < ctx->buffer_size) { - *c = ctx->parser_buffer[ctx->buffer_pos]; + *c = (unsigned char)ctx->parser_buffer[ctx->buffer_pos]; ctx->buffer_pos++; return SVN_NO_ERROR;
