svn commit: r336113 - head/usr.bin/gzip

Pedro F. Giffuni pfg at FreeBSD.org
Sun Jul 8 22:39:34 UTC 2018 

Author: pfg
Date: Sun Jul  8 22:39:33 2018
New Revision: 336113
URL: https://svnweb.freebsd.org/changeset/base/336113

Log:
  gzip: fix for undefined behavior.
  
  Unportable left shift reported with MKSANITIZER=yes
  USE_SANITIZER=undefined:
  
  # progress -zf ./games.tgz  tar -xp -C "./" -f -
  /public/src.git/usr.bin/gzip/gzip.c:2126:33: runtime error: left shift of
  251 by 24 places cannot be represented in type 'int'
  100%
  |****************************************************************************************************************|
  44500 KiB  119.69 MiB/s    00:00 ETA
  
  Refactor the following code into something that is more clear
  and fix signed integer shift, by casting all buf[] elements to
  (unsigned int):
  
  unsigned char buf[8];
  uint32_t usize;
  [...]
  else {
      usize = buf[4] | buf[5] << 8 |
              buf[6] << 16 | buf[7] << 24;
  [...]
  
  New version:
  
      usize = buf[4];
      usize |= (unsigned int)buf[5] << 8;
      usize |= (unsigned int)buf[6] << 16;
      usize |= (unsigned int)buf[7] << 24;
  
  Only the "<< 24" part needs explicit cast, but for consistency make the
  integer promotion explicit and clear to a code reader.
  
  Sponsored by <The NetBSD Foundation>
  
  Obtained from:	NetBSD (CVS rev. 1.113)
  MFC after:	1 week

Modified:
  head/usr.bin/gzip/gzip.c

Modified: head/usr.bin/gzip/gzip.c
==============================================================================
--- head/usr.bin/gzip/gzip.c	Sun Jul  8 21:14:43 2018	(r336112)
+++ head/usr.bin/gzip/gzip.c	Sun Jul  8 22:39:33 2018	(r336113)
@@ -1,4 +1,4 @@
-/*	$NetBSD: gzip.c,v 1.112 2017/08/23 13:04:17 christos Exp $	*/
+/*	$NetBSD: gzip.c,v 1.113 2018/06/12 00:42:17 kamil Exp $	*/
 
 /*-
  * SPDX-License-Identifier: BSD-2-Clause-NetBSD
@@ -2169,12 +2169,16 @@ print_list(int fd, off_t out, const char *outfile, tim
 				maybe_warnx("read of uncompressed size");
 
 			else {
-				usize = buf[4] | buf[5] << 8 |
-					buf[6] << 16 | buf[7] << 24;
+				usize = buf[4];
+				usize |= (unsigned int)buf[5] << 8;
+				usize |= (unsigned int)buf[6] << 16;
+				usize |= (unsigned int)buf[7] << 24;
 				in = (off_t)usize;
 #ifndef SMALL
-				crc = buf[0] | buf[1] << 8 |
-				      buf[2] << 16 | buf[3] << 24;
+				crc = buf[0];
+				crc |= (unsigned int)buf[1] << 8;
+				crc |= (unsigned int)buf[2] << 16;
+				crc |= (unsigned int)buf[3] << 24;
 #endif
 			}
 		}

More information about the svn-src-head mailing list