From d4ef54c6098b9ddeca60489644922825f3cf3d0d Mon Sep 17 00:00:00 2001
From: Cody P Schafer
Date: Wed, 7 Mar 2018 11:27:02 -0500
Subject: [PATCH] helper/types: cast to uint32_t,uint16_t to avoid UB by shifting int too far

Without this, we have some types promoted to `int` when they need to be `unsigned int`. Here's some ubsan output hitting this: Unfortunately, what happens is that things get promoted to `int`, but need to be `unsigned int`. Here's the ubsan output:
src/helper/types.h:126:65: runtime error: left shift of 255 by 24 places cannot be represented in type 'int'
#0 0x55978a612060 in le_to_h_u32 src/helper/types.h:126
#1 0x55978a61ff9e in stlink_usb_read_reg src/jtag/drivers/stlink_usb.c:1539
#2 0x55978a8cfd45 in adapter_load_core_reg_u32 src/target/hla_target.c:67
#3 0x55978a9f48e3 in armv7m_read_core_reg src/target/armv7m.c:236
#4 0x55978a8d24fc in adapter_load_context src/target/hla_target.c:372
#5 0x55978a8d261b in adapter_debug_entry src/target/hla_target.c:396
#6 0x55978a8d3123 in adapter_poll src/target/hla_target.c:457
#7 0x55978a528357 in target_poll src/target/target.c:535
#8 0x55978a539fd4 in target_wait_state src/target/target.c:2914
#9 0x55978a556e20 in jim_target_wait_state src/target/target.c:5256
#10 0x55978a5cca62 in command_unknown src/helper/command.c:1030
#11 0x55978aaed894 in JimInvokeCommand /home/cody/d/openocd-code/jimtcl/jim.c:10364
Change-Id: I24f6abfd26b6980100657397d69c84f2b80a005a
Signed-off-by: Cody P Schafer
Reviewed-on: http://openocd.zylin.com/4455
Reviewed-by: Tomas Vanek
Tested-by: jenkins
Reviewed-by: Christopher Head
---
 src/helper/types.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/helper/types.h b/src/helper/types.h
index a7dd2a816..5e35c13b7 100644
--- a/src/helper/types.h
+++ b/src/helper/types.h
@@ -128,17 +128,17 @@ static inline uint64_t le_to_h_u64(const uint8_t *buf)
 
 static inline uint32_t le_to_h_u32(const uint8_t* buf)
 {
- return (uint32_t)(buf[0] | buf[1] << 8 | buf[2] << 16 | buf[3] << 24);
+ return (uint32_t)((uint32_t)buf[0] | (uint32_t)buf[1] << 8 | (uint32_t)buf[2] << 16 | (uint32_t)buf[3] << 24);
 }
 
 static inline uint32_t le_to_h_u24(const uint8_t* buf)
 {
- return (uint32_t)(buf[0] | buf[1] << 8 | buf[2] << 16);
+ return (uint32_t)((uint32_t)buf[0] | (uint32_t)buf[1] << 8 | (uint32_t)buf[2] << 16);
 }
 
 static inline uint16_t le_to_h_u16(const uint8_t* buf)
 {
- return (uint16_t)(buf[0] | buf[1] << 8);
+ return (uint16_t)((uint16_t)buf[0] | (uint16_t)buf[1] << 8);
 }
 
 static inline uint64_t be_to_h_u64(const uint8_t *buf)
@@ -155,17 +155,17 @@ static inline uint64_t be_to_h_u64(const uint8_t *buf)
 
 static inline uint32_t be_to_h_u32(const uint8_t* buf)
 {
- return (uint32_t)(buf[3] | buf[2] << 8 | buf[1] << 16 | buf[0] << 24);
+ return (uint32_t)((uint32_t)buf[3] | (uint32_t)buf[2] << 8 | (uint32_t)buf[1] << 16 | (uint32_t)buf[0] << 24);
 }
 
 static inline uint32_t be_to_h_u24(const uint8_t* buf)
 {
- return (uint32_t)(buf[2] | buf[1] << 8 | buf[0] << 16);
+ return (uint32_t)((uint32_t)buf[2] | (uint32_t)buf[1] << 8 | (uint32_t)buf[0] << 16);
 }
 
 static inline uint16_t be_to_h_u16(const uint8_t* buf)
 {
- return (uint16_t)(buf[1] | buf[0] << 8);
+ return (uint16_t)((uint16_t)buf[1] | (uint16_t)buf[0] << 8);
 }
 
 static inline void h_u64_to_le(uint8_t *buf, int64_t val)
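Review bot: In le_to_h_u16 (and be_to_h_u16 in the second hunk) the added `(uint16_t)` casts do not change the type the shift is evaluated in wherever int is wider than 16 bits, because a uint16_t operand is promoted straight back to int before `<< 8`. The result is still correct there, since 0xff shifted by 8 fits in int, but the expression reads as if it were unsigned arithmetic when it is not, unlike the `(uint32_t)` casts in the 32- and 24-bit helpers. Casting to `unsigned int` keeps the shift unsigned on every target: `return (uint16_t)((unsigned int)buf[0] | (unsigned int)buf[1] << 8);`, with the mirrored form for be_to_h_u16.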
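Review bot: None of the readers touched here state how many bytes they take from `buf`; be_to_h_u32, be_to_h_u24 and be_to_h_u16 (like the le_ variants in the first hunk) index up to buf[3], buf[2] and buf[1] with no length parameter. The ubsan trace in the commit message shows le_to_h_u32 reached from stlink_usb_read_reg, so the bytes presumably originate in an adapter response, and a reply shorter than expected would turn into an out-of-bounds read unless the caller has already checked the length; those callers are outside this diff. A one-line contract comment on each helper, for example `/* buf must hold at least 4 readable bytes; the caller validates the length */`, would make that requirement visible at the point of use.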