diff options
author | Nick Kralevich <nnk@google.com> | 2019-03-21 09:29:31 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2019-03-21 09:29:31 -0700 |
commit | c5da03f448485044835046fc31f9a734060ffb99 (patch) | |
tree | 124283de8346480e75aa3156f890e0330be41423 | |
parent | b4ef0beb990d02600cad57096bcd20c9d646c8fa (diff) | |
download | system_core-c5da03f448485044835046fc31f9a734060ffb99.tar.gz system_core-c5da03f448485044835046fc31f9a734060ffb99.tar.bz2 system_core-c5da03f448485044835046fc31f9a734060ffb99.zip |
entry_name_utils-inl.h: clear top bit before shifting
Attempting to shift a uint8_t which has the top bit set results in a
value outside of the range allowable for a uint8_t. The process of
converting this value back to a uint8_t triggers ubsan's
implicit-conversion sanitizer.
Ensure the high order bit is stripped before shifting, so that the
shifted value fits into the allowable uint8_t range.
This change is necessary to enable integer sanitization on this code.
Somewhat related to Bug: 122975762
Test: atest ziparchive-tests
Change-Id: I940c8b2828ac88348d80f731274b990e35de6631
-rw-r--r-- | libziparchive/entry_name_utils-inl.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libziparchive/entry_name_utils-inl.h b/libziparchive/entry_name_utils-inl.h index 5fc2fb458..171458690 100644 --- a/libziparchive/entry_name_utils-inl.h +++ b/libziparchive/entry_name_utils-inl.h @@ -35,7 +35,7 @@ inline bool IsValidEntryName(const uint8_t* entry_name, const size_t length) { return false; } else { // 2-5 byte sequences. - for (uint8_t first = byte << 1; first & 0x80; first <<= 1) { + for (uint8_t first = (byte & 0x7f) << 1; first & 0x80; first = (first & 0x7f) << 1) { ++i; // Missing continuation byte.. |