From 13c822e44d74955b63f7dcd83aad2a86384bef32 Mon Sep 17 00:00:00 2001 From: pfg Date: Mon, 16 Jul 2018 00:23:09 +0000 Subject: [PATCH] MFC r336113: gzip: fix for undefined behavior. Unportable left shift reported with MKSANITIZER=yes USE_SANITIZER=undefined: # progress -zf ./games.tgz tar -xp -C "./" -f - /public/src.git/usr.bin/gzip/gzip.c:2126:33: runtime error: left shift of 251 by 24 places cannot be represented in type 'int' 100% |****************************************************************************************************************| 44500 KiB 119.69 MiB/s 00:00 ETA Refactor the following code into something that is more clear and fix signed integer shift, by casting all buf[] elements to (unsigned int): unsigned char buf[8]; uint32_t usize; [...] else { usize = buf[4] | buf[5] << 8 | buf[6] << 16 | buf[7] << 24; [...] New version: usize = buf[4]; usize |= (unsigned int)buf[5] << 8; usize |= (unsigned int)buf[6] << 16; usize |= (unsigned int)buf[7] << 24; Only the "<< 24" part needs explicit cast, but for consistency make the integer promotion explicit and clear to a code reader. Sponsored by Obtained from: NetBSD (CVS rev. 1.113) --- usr.bin/gzip/gzip.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/usr.bin/gzip/gzip.c b/usr.bin/gzip/gzip.c index e56b089ab5a..211bd9d58bb 100644 --- a/usr.bin/gzip/gzip.c +++ b/usr.bin/gzip/gzip.c @@ -1,4 +1,4 @@ -/* $NetBSD: gzip.c,v 1.112 2017/08/23 13:04:17 christos Exp $ */ +/* $NetBSD: gzip.c,v 1.113 2018/06/12 00:42:17 kamil Exp $ */ /*- * SPDX-License-Identifier: BSD-2-Clause-NetBSD @@ -2170,12 +2170,16 @@ print_list(int fd, off_t out, const char *outfile, time_t ts) maybe_warnx("read of uncompressed size"); else { - usize = buf[4] | buf[5] << 8 | - buf[6] << 16 | buf[7] << 24; + usize = buf[4]; + usize |= (unsigned int)buf[5] << 8; + usize |= (unsigned int)buf[6] << 16; + usize |= (unsigned int)buf[7] << 24; in = (off_t)usize; #ifndef SMALL - crc = buf[0] | buf[1] << 8 | - buf[2] << 16 | buf[3] << 24; + crc = buf[0]; + crc |= (unsigned int)buf[1] << 8; + crc |= (unsigned int)buf[2] << 16; + crc |= (unsigned int)buf[3] << 24; #endif } } -- 2.45.0