> as well as this:
>
> > --- tcpdump/print-ipsec.c
> > +++ /tmp/cocci-output-17550-499a71-print-ipsec.c
> > @@ -101,7 +101,7 @@ esp_init (char *espspec)
> > s[0] = espkey[2*i];
> > s[1] = espkey[2*i + 1];
> > s[2] = 0;
> > - if (!isxdigit(s[0]) || !isxdigit(s[1])) {
> > + if (!isxdigit((unsigned char)s[0]) || !isxdigit((unsigned
> > char)s[1])) {
>
>
> For tcpdump/print-decnet.c, I think it's best to change the variable type,
> as putchar() expects an int ("EOF or unsigned char") like isprint():
>
>
> --- tcpdump/print-decnet.c 21 Aug 2015 02:07:32 -0000 1.14
> +++ tcpdump/print-decnet.c 11 Oct 2015 03:25:02 -0000
> @@ -756,11 +756,11 @@ dnname_string(u_short dnaddr)
> static void
> pdata(u_char *dp, u_int maxlen)
> {
> - char c;
> + int c;
> u_int x = maxlen;
>
> while (x-- > 0) {
> - c = *dp++;
> + c = (unsigned char)*dp++;
> if (isprint(c))
> putchar(c);
> else
>
>
> For tcpdump/smbutil.c...gaaaaaaahhhhhh. Add the return of atoi() to a
> pointer and then skip all digits? That has *FUN* results with negative
> numbers and numbers greater than the length of the buffer! fdata1() needs
> to be hit repeatedly with a big stick until it stops assuming that no one
> makes errors.
Luckily, our tcpdump is privsep.
One day something like this is going to hurt very badly. Poor other people.