Re: Public disclosure of discovered vulnerabilities

Douglas A. Gwyn wrote:
>> So quote the standard and show me wrong.
>
> I have copies of several character coding standards,
> and none of them assign negative values to code points.

Let's not pretend there's any confusion over what standard we
are talking about. You seemed to disagree when I wrote:

     Negative character codes are consistent with the C standard,
     and common systems, character codes may also be to large to
     fit in an unsigned char

If you check your standards, you will find I was right about
both parts.

> The C standard spec for fgetc is quite explicit about
> avoiding sign extension

Did I make some claim about fgetc?

-- 
--Bryan