Currently, this reads past the buffer if the input is all whitespace. If it's null-terminated, isspace() will return false, but *s then violates the loop-invariant (!=0). Failing on bad input is fine, but crashing is a security hole, yes?
I don't want to add the extra test. The code is so efficient. Maybe there is a better way to handle this?
Currently, this reads past the buffer if the input is all whitespace. If it's null-terminated,
isspace()
will return false, but*s
then violates the loop-invariant (!=0
). Failing on bad input is fine, but crashing is a security hole, yes?I don't want to add the extra test. The code is so efficient. Maybe there is a better way to handle this?