Rebase on upstream commit 32611aea6543 See $ cd SELinuxProject/selinux $ git log --pretty=oneline libsepol-3.2..32611aea6543 -- libsepol
From 1537ea8412e4af832b53ac48b7d85eac00426a92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 8 Jun 2021 17:58:55 +0200
Subject: [PATCH] libsepol: avoid unsigned integer overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Unsigned integer overflow is well-defined and not undefined behavior.
But it is still useful to enable undefined behavior sanitizer checks on
unsigned arithmetic to detect possible issues on counters or variables
with similar purpose.
Use a spaceship operator like comparison instead of subtraction.
Modern compilers will generate a single comparison instruction instead
of actually performing the subtraction.
policydb.c:826:17: runtime error: unsigned integer overflow: 24 - 1699 cannot be represented in type 'unsigned int'
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
libsepol/src/policydb.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
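--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -817,11 +817,11 @@ static int filenametr_cmp(hashtab_t h __attribute__ ((unused)),
 const filename_trans_key_t *ft2 = (const filename_trans_key_t *)k2;
 int v;
 
- v = ft1->ttype - ft2->ttype;
+ v = (ft1->ttype > ft2->ttype) - (ft1->ttype < ft2->ttype);
 if (v)
 return v;
 
- v = ft1->tclass - ft2->tclass;
+ v = (ft1->tclass > ft2->tclass) - (ft1->tclass < ft2->tclass);
 if (v)
 return v;
 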
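Review bot: The two rewritten comparisons (`v = (ft1->ttype > ft2->ttype) - (ft1->ttype < ft2->ttype);` and the matching tclass line) carry no comment saying why plain subtraction is avoided, so a later cleanup could easily restore the shorter form. I would add `/* three-way compare: unsigned subtraction wraps and trips the UBSan unsigned-overflow check */` above the first of them. Beyond the sanitizer report, a wrapped difference converted to int has the wrong sign once the operands differ by more than INT_MAX, which would presumably matter if these fields can be read from a binary policy before they are range-checked; that is an inference, since only part of filenametr_cmp is visible. The function starts before and continues past the hunk, so any comparison that follows the tclass check is not covered by this note.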
--
2.32.0