CVS commit: src/lib/libc/stdlib

Wed, 25 Jul 2018 13:05:46 -0700 

Module Name:    src
Committed By:   kamil
Date:           Wed Jul 25 20:05:35 UTC 2018

Modified Files:
        src/lib/libc/stdlib: jemalloc.c

Log Message:
Avoid undefined behavior in left bit shift in jemalloc(3)

Change the type of shifted value to unsigned to prevent altering the
signedness bit.

jemalloc.c:1707:14, left shift of 1 by 31 places cannot be represented in type 
'int'
jemalloc.c:1724:15, left shift of 1 by 31 places cannot be represented in type 
'int'
jemalloc.c:1840:28, left shift of 1 by 31 places cannot be represented in type 
'int'

Detected with micro-UBSan in the user mode.


To generate a diff of this commit:
cvs rdiff -u -r1.44 -r1.45 src/lib/libc/stdlib/jemalloc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/lib/libc/stdlib/jemalloc.c
diff -u src/lib/libc/stdlib/jemalloc.c:1.44 src/lib/libc/stdlib/jemalloc.c:1.45
--- src/lib/libc/stdlib/jemalloc.c:1.44	Fri Dec  1 22:47:06 2017
+++ src/lib/libc/stdlib/jemalloc.c	Wed Jul 25 20:05:35 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: jemalloc.c,v 1.44 2017/12/01 22:47:06 mrg Exp $	*/
+/*	$NetBSD: jemalloc.c,v 1.45 2018/07/25 20:05:35 kamil Exp $	*/
 
 /*-
  * Copyright (C) 2006,2007 Jason Evans <jas...@freebsd.org>.
@@ -118,7 +118,7 @@
 
 #include <sys/cdefs.h>
 /* __FBSDID("$FreeBSD: src/lib/libc/stdlib/malloc.c,v 1.147 2007/06/15 22:00:16 jasone Exp $"); */ 
-__RCSID("$NetBSD: jemalloc.c,v 1.44 2017/12/01 22:47:06 mrg Exp $");
+__RCSID("$NetBSD: jemalloc.c,v 1.45 2018/07/25 20:05:35 kamil Exp $");
 
 #ifdef __FreeBSD__
 #include "libc_private.h"
@@ -1704,7 +1704,7 @@ arena_run_reg_alloc(arena_run_t *run, ar
 		    + (bin->reg_size * regind));
 
 		/* Clear bit. */
-		mask ^= (1 << bit);
+		mask ^= (1U << bit);
 		run->regs_mask[i] = mask;
 
 		return (ret);
@@ -1721,7 +1721,7 @@ arena_run_reg_alloc(arena_run_t *run, ar
 			    + (bin->reg_size * regind));
 
 			/* Clear bit. */
-			mask ^= (1 << bit);
+			mask ^= (1U << bit);
 			run->regs_mask[i] = mask;
 
 			/*
@@ -1836,8 +1836,8 @@ arena_run_reg_dalloc(arena_run_t *run, a
 	if (elm < run->regs_minelm)
 		run->regs_minelm = elm;
 	bit = regind - (elm << (SIZEOF_INT_2POW + 3));
-	assert((run->regs_mask[elm] & (1 << bit)) == 0);
-	run->regs_mask[elm] |= (1 << bit);
+	assert((run->regs_mask[elm] & (1U << bit)) == 0);
+	run->regs_mask[elm] |= (1U << bit);
 #undef SIZE_INV
 #undef SIZE_INV_SHIFT
 }

Reply via email to