Module Name: src
Committed By: kamil
Date: Wed Jul 4 03:17:01 UTC 2018
Modified Files:
src/sys/dev/scsipi: scsipiconf.h
Log Message:
Avoid undefined behavior in scsipiconf.h in _4ltol() and _4btol()
Do not shift (through integer promotion) a signed value in an operation
than can change the bit of signedness.
sys/dev/scsipi/scsipiconf.h:808:17, left shift of 255 by 24 places cannot be
represented in type 'int'
Detected with Kernel Undefined Behavior Sanitizer.
Reported by <Harry Pantazis>
To generate a diff of this commit:
cvs rdiff -u -r1.126 -r1.127 src/sys/dev/scsipi/scsipiconf.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/scsipi/scsipiconf.h
diff -u src/sys/dev/scsipi/scsipiconf.h:1.126 src/sys/dev/scsipi/scsipiconf.h:1.127
--- src/sys/dev/scsipi/scsipiconf.h:1.126 Tue Nov 29 03:23:00 2016
+++ src/sys/dev/scsipi/scsipiconf.h Wed Jul 4 03:17:01 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: scsipiconf.h,v 1.126 2016/11/29 03:23:00 mlelstv Exp $ */
+/* $NetBSD: scsipiconf.h,v 1.127 2018/07/04 03:17:01 kamil Exp $ */
/*-
* Copyright (c) 1998, 1999, 2000, 2004 The NetBSD Foundation, Inc.
@@ -805,10 +805,10 @@ _4btol(const u_int8_t *bytes)
{
u_int32_t rv;
- rv = (bytes[0] << 24) |
- (bytes[1] << 16) |
- (bytes[2] << 8) |
- bytes[3];
+ rv = ((u_int32_t)bytes[0] << 24) |
+ ((u_int32_t)bytes[1] << 16) |
+ ((u_int32_t)bytes[2] << 8) |
+ (u_int32_t)bytes[3];
return (rv);
}
@@ -894,10 +894,10 @@ _4ltol(const u_int8_t *bytes)
{
u_int32_t rv;
- rv = bytes[0] |
- (bytes[1] << 8) |
- (bytes[2] << 16) |
- (bytes[3] << 24);
+ rv = (u_int32_t)bytes[0] |
+ ((u_int32_t)bytes[1] << 8) |
+ ((u_int32_t)bytes[2] << 16) |
+ ((u_int32_t)bytes[3] << 24);
return (rv);
}
