svn commit: r338180 - stable/10/sys/fs/msdosfs

[Pedro F. Giffuni]

Author: pfg
Date: Wed Aug 22 04:21:25 2018
New Revision: 338180
URL: https://svnweb.freebsd.org/changeset/base/338180

Log:
  MFC r337456:
  msdosfs: fixes for Undefined Behavior.
  
  These were found by the Undefined Behaviour GsoC project at NetBSD:
  
  Do not change signedness bit with left shift.
  While there avoid signed integer overflow.
  Address both issues with using unsigned type.
  
  msdosfs_fat.c:512:42, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:521:44, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:744:14, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:744:24, signed integer overflow: -2147483648 - 1 cannot be
  represented in type 'int [20]'
  msdosfs_fat.c:840:13, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:840:36, signed integer overflow: -2147483648 - 1 cannot be
  represented in type 'int [20]'
  
  Detected with micro-UBSan in the user mode.
  
  Hinted from:	NetBSD (CVS 1.33)

Modified:
  stable/10/sys/fs/msdosfs/msdosfs_fat.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/fs/msdosfs/msdosfs_fat.c
==============================================================================
--- stable/10/sys/fs/msdosfs/msdosfs_fat.c	Wed Aug 22 04:20:20 2018	(r338179)
+++ stable/10/sys/fs/msdosfs/msdosfs_fat.c	Wed Aug 22 04:21:25 2018	(r338180)
@@ -408,7 +408,7 @@ usemap_alloc(pmp, cn)
 	KASSERT((pmp->pm_inusemap[cn / N_INUSEBITS] & (1 << (cn % N_INUSEBITS)))
 	    == 0, ("Allocating used sector %ld %ld %x", cn, cn % N_INUSEBITS,
 		(unsigned)pmp->pm_inusemap[cn / N_INUSEBITS]));
-	pmp->pm_inusemap[cn / N_INUSEBITS] |= 1 << (cn % N_INUSEBITS);
+	pmp->pm_inusemap[cn / N_INUSEBITS] |= 1U << (cn % N_INUSEBITS);
 	KASSERT(pmp->pm_freeclustercount > 0, ("usemap_alloc: too little"));
 	pmp->pm_freeclustercount--;
 	pmp->pm_flags |= MSDOSFS_FSIMOD;
@@ -431,7 +431,7 @@ usemap_free(pmp, cn)
 	KASSERT((pmp->pm_inusemap[cn / N_INUSEBITS] & (1 << (cn % N_INUSEBITS)))
 	    != 0, ("Freeing unused sector %ld %ld %x", cn, cn % N_INUSEBITS,
 		(unsigned)pmp->pm_inusemap[cn / N_INUSEBITS]));
-	pmp->pm_inusemap[cn / N_INUSEBITS] &= ~(1 << (cn % N_INUSEBITS));
+	pmp->pm_inusemap[cn / N_INUSEBITS] &= ~(1U << (cn % N_INUSEBITS));
 }
 
 int
@@ -813,7 +813,7 @@ clusteralloc1(struct msdosfsmount *pmp, u_long start, 
 	for (cn = newst; cn <= pmp->pm_maxcluster;) {
 		idx = cn / N_INUSEBITS;
 		map = pmp->pm_inusemap[idx];
-		map |= (1 << (cn % N_INUSEBITS)) - 1;
+		map |= (1U << (cn % N_INUSEBITS)) - 1;
 		if (map != FULL_RUN) {
 			cn = idx * N_INUSEBITS + ffs(map ^ FULL_RUN) - 1;
 			if ((l = chainlength(pmp, cn, count)) >= count)
@@ -830,7 +830,7 @@ clusteralloc1(struct msdosfsmount *pmp, u_long start, 
 	for (cn = 0; cn < newst;) {
 		idx = cn / N_INUSEBITS;
 		map = pmp->pm_inusemap[idx];
-		map |= (1 << (cn % N_INUSEBITS)) - 1;
+		map |= (1U << (cn % N_INUSEBITS)) - 1;
 		if (map != FULL_RUN) {
 			cn = idx * N_INUSEBITS + ffs(map ^ FULL_RUN) - 1;
 			if ((l = chainlength(pmp, cn, count)) >= count)
@@ -981,7 +981,7 @@ fillinusemap(pmp)
 
 	for (cn = pmp->pm_maxcluster + 1; cn < (pmp->pm_maxcluster +
 	    N_INUSEBITS) / N_INUSEBITS; cn++)
-		pmp->pm_inusemap[cn / N_INUSEBITS] |= 1 << (cn % N_INUSEBITS);
+		pmp->pm_inusemap[cn / N_INUSEBITS] |= 1U << (cn % N_INUSEBITS);
 
 	return (0);
 }