[QGIS-Developer] 3.40.7: crssync invoking undefined behavior

Greg Troxel gdt at lexort.com
Wed Jul 2 05:26:18 PDT 2025


Probably you are aware, but the ctype(3) functions are very difficult to
use correctly.  They are defined to take int, but (NetBSD man page):

     The argument of these functions is of type int, but only a very
     restricted subset of values are actually valid.  The argument must either
     be the value of the macro EOF (which has a negative value), or must be a
     non-negative value within the range representable as unsigned char.
     Passing invalid values leads to undefined behavior.

and POSIX

    https://pubs.opengroup.org/onlinepubs/9799919799/functions/toupper.html

    The toupper() [CX] [Option Start] and toupper_l() [Option End]
    functions have as a domain a type int, the value of which is
    representable as an unsigned char or the value of EOF. If the
    argument has any other value, the behavior is undefined.


NetBSD-current (to be 11) detects and objects to inputs that are
specified as UB, rather than silently doing something random -- it's
been typical for ctype macros to use arrays, I think since the olden
days of C89.

When building 3.40.7, it invokes crssync, which outputs

  ctype(3) isupper: invalid input: -61

a sign that isupper was called with a "char" (signed char on x86) rather
than the 8-bit quantity treated as unsigned converted to int, which is
the proper behavior.   That's 189, 0xbd, which might be the fraction
1/2.  But what it is isn't the issue.

Looking in crssync sources, it looks like really all the work is in

  QgsCoordinateReferenceSystem::syncDatabase


found in

  src/core/proj/qgscoordinatereferencesystem.cpp

where I see calls like

  QString authName = match.captured( 1 ).toLower();

which makes me wonder if QString is under the hood char or unsigned char
(but it says unicode without being clear on what that means), if Qt is
misusing ctype functions, or if this is a qgis issue.

  https://doc.qt.io/archives/qt-5.15/qstring.html#toLower

Or if something else is happening.  (I'm having trouble getting a stack
trace due to an unrelated problem not related to qgis.)

Is anyone else testing on a system that objects to ctype UB?
Can anyone easily enable debugging options on a system that would then
catch ctype UB?

Thanks,
Greg
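
Added example (not part of the original message, and not QGIS or Qt code): the domain rule quoted above from the man page and POSIX, written as a C check, together with the unsigned char conversion that keeps a high-bit byte inside that domain. The helper names and the sample string are constructed for illustration.

```c
#include <ctype.h>
#include <limits.h>
#include <stdio.h>

/* Nonzero iff v is in the domain of the ctype(3) functions:
 * EOF, or a value representable as unsigned char. */
int ctype_arg_valid(int v)
{
    return v == EOF || (v >= 0 && v <= UCHAR_MAX);
}

/* Turn a plain char into a valid ctype argument: reinterpret the byte as
 * unsigned char first, then let it promote to int. */
int ctype_arg(char c)
{
    return (unsigned char)c;
}

/* Count uppercase bytes in a NUL-terminated string without ever passing a
 * negative value to isupper(). */
size_t count_upper(const char *s)
{
    size_t n = 0;
    for (; *s != '\0'; s++)
        if (isupper((unsigned char)*s))
            n++;
    return n;
}

/* Constructed sample: "EPSG:" followed by UTF-8 e-acute (bytes 0xC3 0xA9).
 * Read through a signed char, both trailing bytes are negative. */
static const char sample[] = "EPSG:\xC3\xA9";

int main(void)
{
    int reported = -61; /* value printed in the crssync message */
    printf("%d in ctype domain: %d\n", reported, ctype_arg_valid(reported));
    printf("after unsigned char conversion: %d (in domain: %d)\n",
           ctype_arg((char)reported),
           ctype_arg_valid(ctype_arg((char)reported)));
    printf("uppercase bytes in sample: %zu\n", count_upper(sample));
    return 0;
}
```

The count assumes the default "C" locale, in which no byte above 0x7f is classified as uppercase.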

