There's one more potential gotcha in your example that has burned me a few times.<p>You have a function that takes char *endptr and passes *endptr to isspace(). At least on the particular version of the MSVC compiler I usually use, char is signed by default, and isspace uses an ASCII lookup table internally, presumably 256 bytes long.<p>So if anything passes a so-called "negative ASCII" value to your routine, memory will be accessed prior to the beginning of the table. Usually just causes a crash, but the implications could go well beyond that. Whenever I use any of the is...() functions, I've learned to cast the value to unsigned char to make sure underflow can't happen. It's caused a lot of bug reports from non-US-based users who end up with ANSI (extended or 'negative' ASCII) characters in various places.<p>Obviously there are plenty of facepalms to go around here, ranging from the C standard's failure to disallow signed chars to certain compilers' adoption of them, to Microsoft's failure to protect their standard C library function inputs, to my negligence in not realizing the implications of the foregoing. Definitely something to watch out for in your own code.<p>As I write this, it occurs to me that they might actually use a 128-byte LUT. So I should either stop using iswhatever() functions altogether or write my own wrapper for them....