From 05014f5b9e468730925c0452a3d3399ea4353fd3 Mon Sep 17 00:00:00 2001
From: Leonardo Taccari <iamleot@gmail.com>
Date: Wed, 29 Aug 2018 18:06:33 +0200
Subject: [PATCH] avoid undefined behaviour when using ctype(3) functions in
 relex()

Because NCHARS is (256+3) cc->cc_func(i) was called with 256, 257
and 258 as argument leading to possible undefined behaviour (at
least on NetBSD with non-C locale (e.g. `en_US.UTF-8') this led to
only honoring one `[:...:]' character class in bracket expressions).

Fix #11
---
 b.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/b.c b/b.c
index 89a7841..c248902 100644
--- a/b.c
+++ b/b.c
@@ -27,6 +27,7 @@ THIS SOFTWARE.
 #define	DEBUG
 
 #include <ctype.h>
+#include <limits.h>
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
@@ -823,7 +824,7 @@ int relex(void)		/* lexical analyzer for reparse */
 				if (cc->cc_name != NULL && prestr[1 + cc->cc_namelen] == ':' &&
 				    prestr[2 + cc->cc_namelen] == ']') {
 					prestr += cc->cc_namelen + 3;
-					for (i = 0; i < NCHARS; i++) {
+					for (i = 0; i <= UCHAR_MAX; i++) {
 						if (!adjbuf((char **) &buf, &bufsz, bp-buf+1, 100, (char **) &bp, "relex2"))
 						    FATAL("out of space for reg expr %.10s...", lastre);
 						if (cc->cc_func(i)) {