[nginx] Avoid left-shifting integers into the sign bit, which is undefined.
Sergey Kandaurov
pluknet at nginx.com
Thu Jul 7 18:08:21 UTC 2016
details: http://hg.nginx.org/nginx/rev/b3682580c1bd
branches:
changeset: 6626:b3682580c1bd
user: Sergey Kandaurov <pluknet at nginx.com>
date: Thu Jul 07 21:02:28 2016 +0300
description:
Avoid left-shifting integers into the sign bit, which is undefined.
Found with UndefinedBehaviorSanitizer.
diffstat:
src/core/ngx_string.c | 4 ++--
src/http/modules/ngx_http_log_module.c | 4 ++--
src/http/modules/ngx_http_userid_filter_module.c | 2 +-
src/http/ngx_http_parse.c | 22 +++++++++++-----------
4 files changed, 16 insertions(+), 16 deletions(-)
diffs (156 lines):
diff -r a616bdc38645 -r b3682580c1bd src/core/ngx_string.c
--- a/src/core/ngx_string.c Mon Jun 27 15:00:06 2016 -0700
+++ b/src/core/ngx_string.c Thu Jul 07 21:02:28 2016 +0300
@@ -1563,7 +1563,7 @@ ngx_escape_uri(u_char *dst, u_char *src,
n = 0;
while (size) {
- if (escape[*src >> 5] & (1 << (*src & 0x1f))) {
+ if (escape[*src >> 5] & (1U << (*src & 0x1f))) {
n++;
}
src++;
@@ -1574,7 +1574,7 @@ ngx_escape_uri(u_char *dst, u_char *src,
}
while (size) {
- if (escape[*src >> 5] & (1 << (*src & 0x1f))) {
+ if (escape[*src >> 5] & (1U << (*src & 0x1f))) {
*dst++ = '%';
*dst++ = hex[*src >> 4];
*dst++ = hex[*src & 0xf];
diff -r a616bdc38645 -r b3682580c1bd src/http/modules/ngx_http_log_module.c
--- a/src/http/modules/ngx_http_log_module.c Mon Jun 27 15:00:06 2016 -0700
+++ b/src/http/modules/ngx_http_log_module.c Thu Jul 07 21:02:28 2016 +0300
@@ -1000,7 +1000,7 @@ ngx_http_log_escape(u_char *dst, u_char
n = 0;
while (size) {
- if (escape[*src >> 5] & (1 << (*src & 0x1f))) {
+ if (escape[*src >> 5] & (1U << (*src & 0x1f))) {
n++;
}
src++;
@@ -1011,7 +1011,7 @@ ngx_http_log_escape(u_char *dst, u_char
}
while (size) {
- if (escape[*src >> 5] & (1 << (*src & 0x1f))) {
+ if (escape[*src >> 5] & (1U << (*src & 0x1f))) {
*dst++ = '\\';
*dst++ = 'x';
*dst++ = hex[*src >> 4];
diff -r a616bdc38645 -r b3682580c1bd src/http/modules/ngx_http_userid_filter_module.c
--- a/src/http/modules/ngx_http_userid_filter_module.c Mon Jun 27 15:00:06 2016 -0700
+++ b/src/http/modules/ngx_http_userid_filter_module.c Thu Jul 07 21:02:28 2016 +0300
@@ -836,7 +836,7 @@ ngx_http_userid_init_worker(ngx_cycle_t
ngx_gettimeofday(&tp);
/* use the most significant usec part that fits to 16 bits */
- start_value = ((tp.tv_usec / 20) << 16) | ngx_pid;
+ start_value = (((uint32_t) tp.tv_usec / 20) << 16) | ngx_pid;
return NGX_OK;
}
diff -r a616bdc38645 -r b3682580c1bd src/http/ngx_http_parse.c
--- a/src/http/ngx_http_parse.c Mon Jun 27 15:00:06 2016 -0700
+++ b/src/http/ngx_http_parse.c Thu Jul 07 21:02:28 2016 +0300
@@ -481,7 +481,7 @@ ngx_http_parse_request_line(ngx_http_req
/* check "/.", "//", "%", and "\" (Win32) in URI */
case sw_after_slash_in_uri:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
state = sw_check_uri;
break;
}
@@ -540,7 +540,7 @@ ngx_http_parse_request_line(ngx_http_req
/* check "/", "%" and "\" (Win32) in URI */
case sw_check_uri:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
break;
}
@@ -626,7 +626,7 @@ ngx_http_parse_request_line(ngx_http_req
/* URI */
case sw_uri:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
break;
}
@@ -1131,7 +1131,7 @@ ngx_http_parse_uri(ngx_http_request_t *r
/* check "/.", "//", "%", and "\" (Win32) in URI */
case sw_after_slash_in_uri:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
state = sw_check_uri;
break;
}
@@ -1179,7 +1179,7 @@ ngx_http_parse_uri(ngx_http_request_t *r
/* check "/", "%" and "\" (Win32) in URI */
case sw_check_uri:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
break;
}
@@ -1228,7 +1228,7 @@ ngx_http_parse_uri(ngx_http_request_t *r
/* URI */
case sw_uri:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
break;
}
@@ -1289,7 +1289,7 @@ ngx_http_parse_complex_uri(ngx_http_requ
case sw_usual:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
*u++ = ch;
ch = *p++;
break;
@@ -1358,7 +1358,7 @@ ngx_http_parse_complex_uri(ngx_http_requ
case sw_slash:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
state = sw_usual;
*u++ = ch;
ch = *p++;
@@ -1401,7 +1401,7 @@ ngx_http_parse_complex_uri(ngx_http_requ
case sw_dot:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
state = sw_usual;
*u++ = ch;
ch = *p++;
@@ -1442,7 +1442,7 @@ ngx_http_parse_complex_uri(ngx_http_requ
case sw_dot_dot:
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
state = sw_usual;
*u++ = ch;
ch = *p++;
@@ -1836,7 +1836,7 @@ ngx_http_parse_unsafe_uri(ngx_http_reque
continue;
}
- if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
+ if (usual[ch >> 5] & (1U << (ch & 0x1f))) {
continue;
}
More information about the nginx-devel
mailing list