Page MenuHome GnuPG
Create Task
Maniphest T1567

integer undefined behaviors in libgcrypt
Closed, ResolvedPublic
Actions

Description

Below are some undefined behaviors found in libgcrypt by Clang 3.3's undefined
behavior sanitizer during the course of a "make check". The first two are
potentially serious, the rest are probably benign for now.

cast5.c:386:27: runtime error: shift exponent 32 is too large for 32-bit type
'u32' (aka 'unsigned int')
cast5.c:439:27: runtime error: shift exponent 32 is too large for 32-bit type
'u32' (aka 'unsigned int')

blowfish.c:416:17: runtime error: left shift of 254 by 24 places cannot be
represented in type 'int'
blowfish.c:417:17: runtime error: left shift of 170 by 24 places cannot be
represented in type 'int'
blowfish.c:443:17: runtime error: left shift of 225 by 24 places cannot be
represented in type 'int'
blowfish.c:444:17: runtime error: left shift of 244 by 24 places cannot be
represented in type 'int'
cast5.c:368:18: runtime error: left shift of 152 by 24 places cannot be
represented in type 'int'
cast5.c:369:18: runtime error: left shift of 137 by 24 places cannot be
represented in type 'int'
cast5.c:428:18: runtime error: left shift of 152 by 24 places cannot be
represented in type 'int'
cast5.c:429:18: runtime error: left shift of 132 by 24 places cannot be
represented in type 'int'
cast5.c:585:18: runtime error: left shift of 144 by 24 places cannot be
represented in type 'int'
cast5.c:587:18: runtime error: left shift of 152 by 24 places cannot be
represented in type 'int'
cast5.c:588:18: runtime error: left shift of 156 by 24 places cannot be
represented in type 'int'
des.c:497:3: runtime error: left shift of 242 by 24 places cannot be represented
in type 'int'
des.c:497:3: runtime error: left shift of 246 by 24 places cannot be represented
in type 'int'
des.c:628:3: runtime error: left shift of 255 by 24 places cannot be represented
in type 'int'
des.c:745:3: runtime error: left shift of 182 by 24 places cannot be represented
in type 'int'
des.c:745:3: runtime error: left shift of 254 by 24 places cannot be represented
in type 'int'
twofish.c:787:3: runtime error: left shift of 131 by 24 places cannot be
represented in type 'int'
twofish.c:788:3: runtime error: left shift of 158 by 24 places cannot be
represented in type 'int'
twofish.c:789:3: runtime error: left shift of 171 by 24 places cannot be
represented in type 'int'
twofish.c:790:3: runtime error: left shift of 230 by 24 places cannot be
represented in type 'int'
twofish.c:830:3: runtime error: left shift of 131 by 24 places cannot be
represented in type 'int'
twofish.c:831:3: runtime error: left shift of 133 by 24 places cannot be
represented in type 'int'
twofish.c:832:3: runtime error: left shift of 163 by 24 places cannot be
represented in type 'int'
twofish.c:833:3: runtime error: left shift of 195 by 24 places cannot be
represented in type 'int'

Details

Version
1.5.3

Event Timeline

regehr set Version to 1.5.3.Nov 12 2013, 6:21 AM
regehr added a project: Bug Report.
regehr added a subscriber: regehr.
werner added a subscriber: werner.Nov 15 2013, 8:28 AM

No, they are not. This is the specification of the algorithm.

werner added a project: Not A Bug.Nov 15 2013, 8:28 AM
werner closed this task as Resolved.Aug 18 2014, 9:01 AM
werner claimed this task.