Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/lib/libc/stdlib Avoid undefined behavior in left bit shift i...



details:   https://anonhg.NetBSD.org/src/rev/5015aafa6297
branches:  trunk
changeset: 991675:5015aafa6297
user:      kamil <kamil%NetBSD.org@localhost>
date:      Wed Jul 25 20:05:35 2018 +0000

description:
Avoid undefined behavior in left bit shift in jemalloc(3)

Change the type of shifted value to unsigned to prevent altering the
signedness bit.

jemalloc.c:1707:14, left shift of 1 by 31 places cannot be represented in type 'int'
jemalloc.c:1724:15, left shift of 1 by 31 places cannot be represented in type 'int'
jemalloc.c:1840:28, left shift of 1 by 31 places cannot be represented in type 'int'

Detected with micro-UBSan in the user mode.

diffstat:

 lib/libc/stdlib/jemalloc.c |  12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)

diffs (47 lines):

diff -r d9febd9445bb -r 5015aafa6297 lib/libc/stdlib/jemalloc.c
--- a/lib/libc/stdlib/jemalloc.c        Wed Jul 25 19:56:56 2018 +0000
+++ b/lib/libc/stdlib/jemalloc.c        Wed Jul 25 20:05:35 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: jemalloc.c,v 1.44 2017/12/01 22:47:06 mrg Exp $        */
+/*     $NetBSD: jemalloc.c,v 1.45 2018/07/25 20:05:35 kamil Exp $      */
 
 /*-
  * Copyright (C) 2006,2007 Jason Evans <jasone%FreeBSD.org@localhost>.
@@ -118,7 +118,7 @@
 
 #include <sys/cdefs.h>
 /* __FBSDID("$FreeBSD: src/lib/libc/stdlib/malloc.c,v 1.147 2007/06/15 22:00:16 jasone Exp $"); */ 
-__RCSID("$NetBSD: jemalloc.c,v 1.44 2017/12/01 22:47:06 mrg Exp $");
+__RCSID("$NetBSD: jemalloc.c,v 1.45 2018/07/25 20:05:35 kamil Exp $");
 
 #ifdef __FreeBSD__
 #include "libc_private.h"
@@ -1704,7 +1704,7 @@
                    + (bin->reg_size * regind));
 
                /* Clear bit. */
-               mask ^= (1 << bit);
+               mask ^= (1U << bit);
                run->regs_mask[i] = mask;
 
                return (ret);
@@ -1721,7 +1721,7 @@
                            + (bin->reg_size * regind));
 
                        /* Clear bit. */
-                       mask ^= (1 << bit);
+                       mask ^= (1U << bit);
                        run->regs_mask[i] = mask;
 
                        /*
@@ -1836,8 +1836,8 @@
        if (elm < run->regs_minelm)
                run->regs_minelm = elm;
        bit = regind - (elm << (SIZEOF_INT_2POW + 3));
-       assert((run->regs_mask[elm] & (1 << bit)) == 0);
-       run->regs_mask[elm] |= (1 << bit);
+       assert((run->regs_mask[elm] & (1U << bit)) == 0);
+       run->regs_mask[elm] |= (1U << bit);
 #undef SIZE_INV
 #undef SIZE_INV_SHIFT
 }



Home | Main Index | Thread Index | Old Index