Page MenuHome GnuPG
Create Task
Maniphest T5026

libgpg-error and undefined behavior sanitizer findings
Closed, ResolvedPublic
Actions

Description

I'm building libgpg-error 1.38 with -fsanitize=undefined -fno-sanitize-recover=all.

$make check
...
PASS: t-poll
PASS: t-b64
argparse.c:293:22: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
FAIL: t-argparse
argparse.c:293:22: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
FAIL: t-logging
argparse.c:293:22: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
FAIL: t-stringutils
argparse.c:293:22: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
FAIL: t-malloc

Details

Version
1.38

Revisions and Commits

rE libgpg-error
rEc5fcdd9a58a2 Fix a current gcc's -fsanitize warning.

Event Timeline

JW created this task.Aug 15 2020, 5:08 PM
JW created this object in space S1 Public.
JW added a comment.Aug 15 2020, 5:32 PM

Here's the patch:

--- src/argparse.c
+++ src/argparse.c
@@ -56,7 +56,7 @@
 
 
 /* Hidden argparse flag used to mark the object as initialized.  */
-#define ARGPARSE_FLAG__INITIALIZED  (1<< ((8*SIZEOF_INT)-1))
+#define ARGPARSE_FLAG__INITIALIZED  (1U<< ((8*SIZEOF_INT)-1))
 
 /* Special short options which are auto-inserterd.  Must fit into an
  * unsigned short.  */

If you send an email to GNU's platform-testers mailing list before a release, then the community can help you test the release candidates before the release. A lot of folks will be happy to help with testing. If you use platform-testers, then (1) build a release tarball and give it a *-rc name, (2) provide a URL to download the tarball, and (3) state where you would like bug reports sent (mailing list, bug tracker, etc).

werner closed this task as Resolved.Aug 17 2020, 9:36 AM
werner claimed this task.
werner added a subscriber: werner.

Thanks

werner added a commit: rEc5fcdd9a58a2: Fix a current gcc's -fsanitize warning..Aug 17 2020, 10:05 AM