Date: Thu, 12 Jul 2018 09:33:45 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 229714] src/libexec/rtld-elf/malloc.c:377]: (error) Signed integer overflow Message-ID: <bug-229714-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D229714 Bug ID: 229714 Summary: src/libexec/rtld-elf/malloc.c:377]: (error) Signed integer overflow Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: misc Assignee: bugs@FreeBSD.org Reporter: dcb314@hotmail.com Source code is onb =3D 1 << (i + 3); So if i is ever >=3D 28, overflow occurs. Suggest either sanity check i before use, or use the following code: onb =3D 1UL << (i + 3); and move type of variable onb to unsigned long. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-229714-227>