avoid UB when calling ctype functions

The character classification functions in <ctype.h> are designed to
classify characters returned by <stdio.h> getchar() and friends, which
return characters as signed integers in the range 0 to 255 or EOF. The
behavior of the ctype functions is undefined if they are passed a value
outside of that range, which may happen if they are passed a char-typed
value and the system's char type is signed.

<ccan/str/str.h> defines some inline utility functions that perform the
necessary cast to coerce a char-typed argument into the allowed value
range. Call these wrappers instead of the bare ctype functions when
classifying char-typed characters.

Changelog-None

common/json_parse.c

@@ -30,7 +30,7 @@ bool json_to_millionths(const char *buffer, const jsmntok_t *tok,
 
 	*millionths = 0;
 	for (int i = tok->start; i < tok->end; i++) {
-		if (isdigit(buffer[i])) {
+		if (cisdigit(buffer[i])) {
 			has_digits = true;
 			/* Ignore too much precision */
 			if (decimal_places >= 0 && ++decimal_places > 6)

common/splice_script.c

@@ -503,7 +503,7 @@ char *fmt_splice_script_compiler_error(const tal_t *ctx,
 
 static bool is_whitespace(char c)
 {
-	return isspace(c);
+	return cisspace(c);
 }
 
 static struct splice_script_error *clean_whitespace(const tal_t *ctx,