From 6b4d94c9877ec59081b9da946c00fa2647cad928 Mon Sep 17 00:00:00 2001 From: Douglas Bagnall Date: Wed, 7 Dec 2022 09:08:11 +1300 Subject: compression: fix sign extension of long matches (CID 1517275) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Very long matches would be written instead as very very long matches. We can't in fact hit this because we have a MAX_MATCH_LENGTH defined as 64M, but if we could, it might make certain 2GB+ strings impossible to compress. CID 1517275 (#1 of 1): Unintended sign extension (SIGN_EXTENSION)sign_extension: Suspicious implicit sign extension: intermediate[i + 2UL] with type uint16_t (16 bits, unsigned) is promoted in intermediate[i + 2UL] << 16 to type int (32 bits, signed), then sign-extended to type unsigned long (64 bits, unsigned). If intermediate[i + 2UL] << 16 is greater than 0x7FFFFFFF, the upper bits of the result will all be 1. Signed-off-by: Douglas Bagnall Reviewed-by: Jeremy Allison --- lib/compression/lzxpress_huffman.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/compression') diff --git a/lib/compression/lzxpress_huffman.c b/lib/compression/lzxpress_huffman.c index c8e92383002..4b55c7b7e88 100644 --- a/lib/compression/lzxpress_huffman.c +++ b/lib/compression/lzxpress_huffman.c @@ -1049,7 +1049,7 @@ static ssize_t write_compressed_bytes(uint16_t symbol_values[512], } len = intermediate[i + 1]; - len |= intermediate[i + 2] << 16; + len |= intermediate[i + 2] << 16U; distance = intermediate[i + 3]; i += 3; } else if (c == 0xffff) { -- cgit v1.2.1