Fix 'negative character value'

Andras Fekete · Andras Fekete · commit ec0a2f2683d8 · 2023-10-20T16:16:48.000-04:00
In a number of libc implementations, isalpha()/isalnum() is implemented using lookup tables (arrays): passing in a negative value can result in a read underrun.
diff --git a/src/conf.c b/src/conf.c
@@ -744,7 +744,7 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
                     strIdx += 2;
                     startIdx = strIdx;
                 }
-                while (*strIdx && (XISALNUM((int)(*strIdx)) || *strIdx == '_'))
+                while (*strIdx && (XISALNUM(*strIdx) || *strIdx == '_'))
                     strIdx++;
                 endIdx = strIdx;
                 if (startIdx == endIdx) {
diff --git a/wolfssl/test.h b/wolfssl/test.h
@@ -1225,7 +1225,7 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
 
 #ifndef TEST_IPV6
     /* peer could be in human readable form */
-    if ( ((size_t)peer != INADDR_ANY) && isalpha((int)peer[0])) {
+    if ( ((size_t)peer != INADDR_ANY) && isalpha(peer[0])) {
     #ifdef WOLFSSL_USE_POPEN_HOST
         char host_ipaddr[4] = { 127, 0, 0, 1 };
         int found = 1;

Original file line number	Diff line number	Diff line change
`@@ -744,7 +744,7 @@ static char* expandValue(WOLFSSL_CONF conf, const char section,`
`744`	`744`	`strIdx += 2;`
`745`	`745`	`startIdx = strIdx;`
`746`	`746`	`}`
`747`		`- while (strIdx && (XISALNUM((int)(strIdx)) \|\| *strIdx == '_'))`
	`747`	`+ while (strIdx && (XISALNUM(strIdx) \|\| *strIdx == '_'))`
`748`	`748`	`strIdx++;`
`749`	`749`	`endIdx = strIdx;`
`750`	`750`	`if (startIdx == endIdx) {`