Module Name: src
Committed By: kamil
Date: Wed Jul 4 03:00:46 UTC 2018
Modified Files:
src/sys/dev/pci: pciide_piix_reg.h
Log Message:
Avoid undefined behavior in pciiide macros
Cast the 'bytes' argument in PIIX_IDETIM_SET() and PIIX_IDETIM_CLEAR()
to unsigned int. This prevents UB because of shifting the bits and changing
the bit of signedness.
sys/dev/pci/piixide.c:714:11, left shift of 65535 by 16 places cannot be
represented in type 'int'
sys/dev/pci/piixide.c:720:11, left shift of 32768 by 16 places cannot be
represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/sys/dev/pci/pciide_piix_reg.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/pci/pciide_piix_reg.h
diff -u src/sys/dev/pci/pciide_piix_reg.h:1.14 src/sys/dev/pci/pciide_piix_reg.h:1.15
--- src/sys/dev/pci/pciide_piix_reg.h:1.14 Mon Oct 19 18:41:16 2009
+++ src/sys/dev/pci/pciide_piix_reg.h Wed Jul 4 03:00:46 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: pciide_piix_reg.h,v 1.14 2009/10/19 18:41:16 bouyer Exp $ */
+/* $NetBSD: pciide_piix_reg.h,v 1.15 2018/07/04 03:00:46 kamil Exp $ */
/*
* Copyright (c) 1998 Manuel Bouyer.
@@ -49,9 +49,9 @@
#define PIIX_IDETIM 0x40
#define PIIX_IDETIM_READ(x, channel) (((x) >> (16 * (channel))) & 0x0000FFFF)
#define PIIX_IDETIM_SET(x, bytes, channel) \
- ((x) | ((bytes) << (16 * (channel))))
+ ((x) | ((unsigned int)(bytes) << (16 * (channel))))
#define PIIX_IDETIM_CLEAR(x, bytes, channel) \
- ((x) & ~((bytes) << (16 * (channel))))
+ ((x) & ~((unsigned int)(bytes) << (16 * (channel))))
#define PIIX_IDETIM_IDE 0x8000 /* PIIX decode IDE registers */
#define PIIX_IDETIM_SITRE 0x4000 /* slaves IDE timing registers
