Dominique wrote:
> Using the clang -fsanitize=signed-integer-overflow,shift option,
> I see this bug in Vim:
>
> ===
> misc2.c:6504:12: runtime error: left shift of 16777215 by 8 places
> cannot be represented in type 'int'
> ====
>
> misc2.c:
>
> 6492 /*
> 6493 * Read 4 bytes from "fd" and turn them into an int, MSB first.
> 6494 */
> 6495 int
> 6496 get4c(fd)
> 6497 FILE *fd;
> 6498 {
> 6499 int n;
> 6500
> 6501 n = getc(fd);
> 6502 n = (n << 8) + getc(fd);
> 6503 n = (n << 8) + getc(fd);
> !!6504 n = (n << 8) + getc(fd);
> 6505 return n;
> 6506 }
>
> The bug happens because the left shift at line 6504 may set the MSB of n,
> which has undefined behavior in C when using a signed integer. It
> is only defined when using unsigned. It might be correct in
> practice on most compilers anyway (?) but the attached patch
> avoids the hazard.
Thanks!
--
hundred-and-one symptoms of being an internet addict:
189. You put your e-mail address in the upper left-hand corner of envelopes.
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
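
The hazard reported above, sketched as an added example; this is not the patch attached to the original message (which is not shown in the thread) and not Vim's code. `get4c_checked`, `decode4` and the sample byte arrays are hypothetical names and constructed inputs. It goes slightly beyond the report by also rejecting a short read, since `getc()` returning EOF (-1) would otherwise be folded into the value.

```c
#include <stdio.h>
#include <stdint.h>

/* Hypothetical replacement for get4c(): accumulate in an unsigned 32-bit
 * value, where shifting into the top bit is well defined, and report a
 * short read instead of folding EOF (-1) into the result. */
static int get4c_checked(FILE *fd, uint32_t *out)
{
    uint32_t n = 0;
    int i;

    for (i = 0; i < 4; ++i) {
        int c = getc(fd);
        if (c == EOF)
            return -1;                  /* truncated input */
        n = (n << 8) | (uint32_t)c;     /* c is 0..255 here */
    }
    *out = n;
    return 0;
}

/* Constructed sample inputs. The first three bytes of SAMPLE_HIGH give the
 * 16777215 (0xFFFFFF) from the sanitizer report before the last shift. */
static const unsigned char SAMPLE_HIGH[4] = { 0xFF, 0xFF, 0xFF, 0x01 };
static const unsigned char SAMPLE_CUT[2]  = { 0x12, 0x34 };

/* Demo helper: put the bytes in a temp file and decode them.
 * Returns the value (0..0xFFFFFFFF), -1 on short read, -2 on I/O error. */
static long long decode4(const unsigned char *buf, size_t len)
{
    FILE *fd = tmpfile();
    uint32_t v = 0;
    int rc;

    if (fd == NULL)
        return -2;
    if (fwrite(buf, 1, len, fd) != len) {
        fclose(fd);
        return -2;
    }
    rewind(fd);
    rc = get4c_checked(fd, &v);
    fclose(fd);
    return rc == 0 ? (long long)v : -1;
}

int main(void)
{
    printf("%lld\n", decode4(SAMPLE_HIGH, sizeof SAMPLE_HIGH));
    printf("%lld\n", decode4(SAMPLE_CUT, sizeof SAMPLE_CUT));
    return 0;
}
```

Building this with the same sanitizer options named in the report is a quick way to confirm the shift no longer triggers a runtime error.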