Date:      Wed, 8 Aug 2018 15:08:23 +0000 (UTC)
From:      "Pedro F. Giffuni" <pfg@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r337456 - head/sys/fs/msdosfs
Message-ID:  <201808081508.w78F8Nb3025569@repo.freebsd.org>

Author: pfg
Date: Wed Aug  8 15:08:22 2018
New Revision: 337456
URL: https://svnweb.freebsd.org/changeset/base/337456

Log:
  msdosfs: fixes for Undefined Behavior.
  
  These were found by the Undefined Behaviour GsoC project at NetBSD:
  
  Do not change the sign bit with a left shift.
  While there, avoid signed integer overflow.
  Address both issues by using an unsigned type.
  
  msdosfs_fat.c:512:42, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:521:44, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:744:14, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:744:24, signed integer overflow: -2147483648 - 1 cannot be
  represented in type 'int [20]'
  msdosfs_fat.c:840:13, left shift of 1 by 31 places cannot be represented
  in type 'int'
  msdosfs_fat.c:840:36, signed integer overflow: -2147483648 - 1 cannot be
  represented in type 'int [20]'
  
  Detected with micro-UBSan in the user mode.
  
  Hinted from:	NetBSD (CVS 1.33)
  MFC after:	2 weeks
  Differenctial Revision:	https://reviews.freebsd.org/D16615

Modified:
  head/sys/fs/msdosfs/msdosfs_fat.c

Modified: head/sys/fs/msdosfs/msdosfs_fat.c
==============================================================================
--- head/sys/fs/msdosfs/msdosfs_fat.c	Wed Aug  8 13:36:49 2018	(r337455)
+++ head/sys/fs/msdosfs/msdosfs_fat.c	Wed Aug  8 15:08:22 2018	(r337456)
@@ -391,7 +391,7 @@ usemap_alloc(struct msdosfsmount *pmp, u_long cn)
 	KASSERT((pmp->pm_inusemap[cn / N_INUSEBITS] & (1 << (cn % N_INUSEBITS)))
 	    == 0, ("Allocating used sector %ld %ld %x", cn, cn % N_INUSEBITS,
 		(unsigned)pmp->pm_inusemap[cn / N_INUSEBITS]));
-	pmp->pm_inusemap[cn / N_INUSEBITS] |= 1 << (cn % N_INUSEBITS);
+	pmp->pm_inusemap[cn / N_INUSEBITS] |= 1U << (cn % N_INUSEBITS);
 	KASSERT(pmp->pm_freeclustercount > 0, ("usemap_alloc: too little"));
 	pmp->pm_freeclustercount--;
 	pmp->pm_flags |= MSDOSFS_FSIMOD;
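Review bot: The KASSERT condition directly above the fixed statement still shifts a signed `1`, so `1 << (cn % N_INUSEBITS)` there has the same left-shift-into-the-sign-bit problem whenever the remainder is 31 and assertions are compiled in. The same leftover is in the KASSERT at the top of the usemap_free hunk. Both should become `(1U << (cn % N_INUSEBITS))` so the check and the update use the same well-defined mask. Separately, `cn` is `u_long` but both assertion messages print it with `%ld`; `%lu` would match the type. usemap_alloc's body starts outside this hunk.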
@@ -412,7 +412,7 @@ usemap_free(struct msdosfsmount *pmp, u_long cn)
 	KASSERT((pmp->pm_inusemap[cn / N_INUSEBITS] & (1 << (cn % N_INUSEBITS)))
 	    != 0, ("Freeing unused sector %ld %ld %x", cn, cn % N_INUSEBITS,
 		(unsigned)pmp->pm_inusemap[cn / N_INUSEBITS]));
-	pmp->pm_inusemap[cn / N_INUSEBITS] &= ~(1 << (cn % N_INUSEBITS));
+	pmp->pm_inusemap[cn / N_INUSEBITS] &= ~(1U << (cn % N_INUSEBITS));
 }
 
 int
@@ -775,7 +775,7 @@ clusteralloc1(struct msdosfsmount *pmp, u_long start, 
 	for (cn = newst; cn <= pmp->pm_maxcluster;) {
 		idx = cn / N_INUSEBITS;
 		map = pmp->pm_inusemap[idx];
-		map |= (1 << (cn % N_INUSEBITS)) - 1;
+		map |= (1U << (cn % N_INUSEBITS)) - 1;
 		if (map != FULL_RUN) {
 			cn = idx * N_INUSEBITS + ffs(map ^ FULL_RUN) - 1;
 			if ((l = chainlength(pmp, cn, count)) >= count)
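Review bot: The mask line `map |= (1U << (cn % N_INUSEBITS)) - 1;` has no comment explaining why bits are forced on in a local copy of the in-use word, and the identical line in the second loop of clusteralloc1 (next hunk) has none either. From the visible lines, it marks every cluster below `cn` in this word as used so that `ffs(map ^ FULL_RUN)` returns the first free cluster at or after `cn`. A comment such as `/* Mask off clusters below cn so ffs() only sees free bits from cn upward. */` would make that intent explicit. The types of `map` and `FULL_RUN` are declared outside the hunk; if `map` is unsigned, the value handed to `ffs()` (which takes an `int`) is converted implicitly and is worth a glance. The function body starts and ends outside this hunk.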
@@ -792,7 +792,7 @@ clusteralloc1(struct msdosfsmount *pmp, u_long start, 
 	for (cn = 0; cn < newst;) {
 		idx = cn / N_INUSEBITS;
 		map = pmp->pm_inusemap[idx];
-		map |= (1 << (cn % N_INUSEBITS)) - 1;
+		map |= (1U << (cn % N_INUSEBITS)) - 1;
 		if (map != FULL_RUN) {
 			cn = idx * N_INUSEBITS + ffs(map ^ FULL_RUN) - 1;
 			if ((l = chainlength(pmp, cn, count)) >= count)
@@ -950,7 +950,7 @@ fillinusemap(struct msdosfsmount *pmp)
 
 	for (cn = pmp->pm_maxcluster + 1; cn < (pmp->pm_maxcluster +
 	    N_INUSEBITS) / N_INUSEBITS; cn++)
-		pmp->pm_inusemap[cn / N_INUSEBITS] |= 1 << (cn % N_INUSEBITS);
+		pmp->pm_inusemap[cn / N_INUSEBITS] |= 1U << (cn % N_INUSEBITS);
 
 	return (0);
 }
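Review bot: The loop bound on the context lines around the fixed statement appears to mix units. `cn` starts at a cluster number, `pmp->pm_maxcluster + 1`, but is compared against `(pmp->pm_maxcluster + N_INUSEBITS) / N_INUSEBITS`, which is a count of map words. For any volume with more clusters than that word count, the loop body never executes and the padding bits in the last map word are left marked free. If the intent is to mark those trailing bits as in use, so the allocator cannot pick a cluster beyond `pm_maxcluster` from an on-disk FAT that is not trusted, the bound would need to be a cluster index, e.g. `cn < ((pmp->pm_maxcluster + N_INUSEBITS) / N_INUSEBITS) * N_INUSEBITS`. This predates the commit and should be confirmed against how `pm_inusemap` is sized, which is not visible here. fillinusemap begins outside the hunk.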


