> as well as this: > > > --- tcpdump/print-ipsec.c > > +++ /tmp/cocci-output-17550-499a71-print-ipsec.c > > @@ -101,7 +101,7 @@ esp_init (char *espspec) > > s[0] = espkey[2*i]; > > s[1] = espkey[2*i + 1]; > > s[2] = 0; > > - if (!isxdigit(s[0]) || !isxdigit(s[1])) { > > + if (!isxdigit((unsigned char)s[0]) || !isxdigit((unsigned > > char)s[1])) { > > > For tcpdump/print-decnet.c, I think it's best to change the variable type, > as putchar() expects an int ("EOF or unsigned char") like isprint(): > > > --- tcpdump/print-decnet.c 21 Aug 2015 02:07:32 -0000 1.14 > +++ tcpdump/print-decnet.c 11 Oct 2015 03:25:02 -0000 > @@ -756,11 +756,11 @@ dnname_string(u_short dnaddr) > static void > pdata(u_char *dp, u_int maxlen) > { > - char c; > + int c; > u_int x = maxlen; > > while (x-- > 0) { > - c = *dp++; > + c = (unsigned char)*dp++; > if (isprint(c)) > putchar(c); > else > > > For tcpdump/smbutil.c...gaaaaaaahhhhhh. Add the return of atoi() to a > pointer and then skip all digits? That has *FUN* results with negative > numbers and numbers greater than the length of the buffer! fdata1() needs > to be hit repeatedly with a big stick until it stops assuming that no one > makes errors.
Luckily, our tcpdump is privsep. One day something like this is going to hurt very badly. Poor other people.