https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229714

            Bug ID: 229714
           Summary: src/libexec/rtld-elf/malloc.c:377]: (error) Signed
                    integer overflow
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: misc
          Assignee: b...@freebsd.org
          Reporter: dcb...@hotmail.com

Source code is

        onb = 1 << (i + 3);

So if i is ever >= 28, overflow occurs.
Suggest either sanity check i before use, or use the following code:

        onb = 1UL << (i + 3);

and move type of variable onb to unsigned long.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Reply via email to