upstream/mercurial-mirror Commit - r38322:1fb2510c

bitmanipulation: fix undefined behavior in bit shift in getbe32...

Augie Fackler -

r38322:1fb2510c @40 default

parent child

contrib/fuzz/mpatch_corpus.py

0 +4 0

                 zf.writestr(
                     "mpatch_decode_old_overread", "\x02\x00\x00\x00\x02\x00\x00\x00"
                 )
+                # https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8876
+                zf.writestr(
+                    "mpatch_ossfuzz_getbe32_ubsan",
+                    "\x02\x00\x00\x00\x0c    \xff\xff\xff\xff    ")
                 zf.writestr(
                     "mpatch_apply_over_memcpy",
                     '\x13\x01\x00\x05\xd0\x00\x00\x00\x00\x00\x00\x00\x00\n \x00\x00\x00'

mercurial/bitmanipulation.h

0 +2 -1

             {
             	const unsigned char *d = (const unsigned char *)c;
-            	return ((d[0] << 24) | (d[1] << 16) | (d[2] << 8) | (d[3]));
+            	return ((((uint32_t)d[0]) << 24) | (((uint32_t)d[1]) << 16) |
+            	        (((uint32_t)d[2]) << 8) | (d[3]));
             }
             static inline int16_t getbeint16(const char *c)

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages