Hi

Using the clang -fsanitize=signed-integer-overflow,shift option, I see this bug in Vim:
===
misc2.c:6504:12: runtime error: left shift of 16777215 by 8 places
cannot be represented in type 'int'
====
misc2.c:
6492 /*
6493  * Read 4 bytes from "fd" and turn them into an int, MSB first.
6494  */
6495 int
6496 get4c(fd)
6497     FILE *fd;
6498 {
6499     int n;
6500
6501     n = getc(fd);
6502     n = (n << 8) + getc(fd);
6503     n = (n << 8) + getc(fd);
!!6504     n = (n << 8) + getc(fd);
6505     return n;
6506 }
The bug happens because the left shift at line 6504 may set the MSB of n,
which has undefined behavior in C when using a signed integer. It
is only defined when using unsigned. It might be correct in
practice on most compilers anyway (?) but the attached patch
avoids the hazard.
Regards
Dominique
fix-left-shift-hazard-misc2.c-7.4.22.patch
Description: Binary data
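
An added example, not the attached patch (its contents are not shown on this page) and not Vim's code: one way to assemble four bytes MSB first without the signed shift, by accumulating in an unsigned type and checking for a short read. The names read_be32 and be32_from_bytes are hypothetical, and the sample bytes are constructed to reproduce the 16777215 << 8 case from the sanitizer report.

```c
#include <stdio.h>
#include <stdint.h>

/* Hypothetical helper (not Vim's API): read 4 bytes from "fd", MSB first,
 * into *out. Returns 0 on success, -1 on EOF or read error. */
int read_be32(FILE *fd, uint32_t *out)
{
    uint32_t n = 0;
    int i, c;

    for (i = 0; i < 4; ++i) {
        c = getc(fd);
        if (c == EOF)
            return -1;  /* short read: never fold EOF (-1) into the value */
        /* Shifting an unsigned value is well defined even when the
         * result has its top bit set; the signed version is not. */
        n = (n << 8) | (uint32_t)(unsigned char)c;
    }
    *out = n;
    return 0;
}

/* Demo wrapper: put constructed bytes in a temporary file and parse them.
 * Returns read_be32()'s result, or -2 if the temp file cannot be set up. */
int be32_from_bytes(const unsigned char *buf, size_t len, uint32_t *out)
{
    FILE *fd = tmpfile();
    int rc;

    if (fd == NULL)
        return -2;
    if (fwrite(buf, 1, len, fd) != len) {
        fclose(fd);
        return -2;
    }
    rewind(fd);
    rc = read_be32(fd, out);
    fclose(fd);
    return rc;
}

int main(void)
{
    /* Constructed input: after three bytes n == 16777215, as in the report. */
    const unsigned char sample[4] = { 0xff, 0xff, 0xff, 0x01 };
    uint32_t v = 0;

    if (be32_from_bytes(sample, sizeof sample, &v) == 0)
        printf("0x%08lx\n", (unsigned long)v);
    return 0;
}
```

Building this with the same -fsanitize options should produce no shift report for the sample input, since every shift operates on uint32_t.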
