cairo-type1-subset.c uses isxdigit()
cairo-type1-subset.c
uses isxdigit()
. This has 2 bugs:
-
On platforms where
char
is signed, callingisxdigit()
with achar
argument is UB when the most-significant bit of the char is set, becauseisxdigit()
takes a (signed)int
with the value range of anunsigned char
(orEOF
), so a signedchar
sign-extends toint
. -
According to MSDN,
isxdigit()
is locale-sensitive. According to glibc sources,isxdigit()
does a lookup from locale-dependent tables, but I didn't check if the that part of the tables actually varies by locale.
Instead of using isxdigit()
, Cairo should have a function that does
('0' <= c && c <= '9') || ('a' <= c && c <= 'f') || ('A' <= c && c <= 'F')
to be sure the operation isn't locale-sensitive.