diff options
| author | lhchavez <lhchavez@lhchavez.com> | 2022-04-05 13:10:33 -0700 |
|---|---|---|
| committer | lhchavez <lhchavez@lhchavez.com> | 2022-04-05 13:19:26 -0700 |
| commit | 33b1d3fd62c3702ff6cc85c95dc01f372253851e (patch) | |
| tree | 613ba99f70ea1f85d120c36b966ef3e2a42fd69c /fuzzers | |
| parent | d8015d28a75223e8645012e344c1d5bfa25e4e50 (diff) | |
| download | libgit2-33b1d3fd62c3702ff6cc85c95dc01f372253851e.tar.gz | |
[midx] Fix an undefined behavior (left-shift signed overflow)
There was a missing check to ensure that the `off64_t` (which is a
signed value) didn't overflow when parsing it from the midx file. This
shouldn't have huge repercusions since the parsed value is immediately
validated afterwards, but then again, there is no such thing as "benign"
undefined behavior.
This change makes all the bitwise arithmetic happen with unsigned types
and is only casted to `off64_t` until the very end.
Thanks to Taotao Gu for finding and reporting this!
Diffstat (limited to 'fuzzers')
| -rw-r--r-- | fuzzers/corpora/midx/666a779eed16847c6930a71c0547a34e52db409e | bin | 0 -> 62 bytes |
1 files changed, 0 insertions, 0 deletions
diff --git a/fuzzers/corpora/midx/666a779eed16847c6930a71c0547a34e52db409e b/fuzzers/corpora/midx/666a779eed16847c6930a71c0547a34e52db409e Binary files differnew file mode 100644 index 000000000..ed9e0d07a --- /dev/null +++ b/fuzzers/corpora/midx/666a779eed16847c6930a71c0547a34e52db409e |