This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.



Re: malformed elf causes invalid shiftleft in readelf -S with ubsan


On 01/25/2015 11:42 AM, Hanno Böck wrote:
> Hi,
> 
> When compiling elfutils with undefined behaviour sanitizer
> (-fsanitize=undefined) a warning will be shown indicating an invalid
> shiftleft operation on the attached elf file:
> 
> readelf.c:1133:28: runtime error: left shift of 1 by 31 places cannot
> be represented in type 'int'
> 
> Tested with elfutils-0.161. This was found with zzuf.

Ah, this has nothing to do with your input -- "readelf -S readelf" also
triggers the same message.

That line is:

      if (shdr->sh_flags & SHF_EXCLUDE)

That macro is:

  #define SHF_EXCLUDE	     (1 << 31)

Now, shdr is GElf_Shdr*, a typedef of Elf64_Shdr, so sh_flags is
Elf64_Xword.  Even the 32-bit case has Elf32_Word, which is unsigned so
it would be fine.  But (1 << 31) will be evaluated as int *before* the
type promotion for "&".  It should probably be (1U << 31) instead, and
maybe use 1U for all flags to be consistent.
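
Added example, not part of the original message or of the elfutils sources: it goes one step beyond the UBSan report and shows that an int-typed bit-31 mask is sign-extended when ANDed with a 64-bit sh_flags, so the test also matches bits 32 to 63. The FLAG_EXCLUDE_* names and the sample values are hypothetical, a 32-bit int is assumed, and INT_MIN stands in for what (1 << 31) typically produces so that the example itself has no undefined behaviour.

```c
#include <inttypes.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

_Static_assert(INT_MAX == 0x7fffffff, "example assumes 32-bit int");

typedef uint64_t Elf64_Xword;            /* same width as the ELF typedef */

/* Hypothetical names. INT_MIN is the value (1 << 31) typically yields. */
#define FLAG_EXCLUDE_SIGNED   INT_MIN     /* type int                     */
#define FLAG_EXCLUDE_UNSIGNED (1U << 31)  /* type unsigned int, suggested */

/* Mask as seen by "&" after conversion to the 64-bit operand type. */
uint64_t effective_mask_signed(void)
{
  return (Elf64_Xword) FLAG_EXCLUDE_SIGNED;    /* sign-extended */
}

uint64_t effective_mask_unsigned(void)
{
  return (Elf64_Xword) FLAG_EXCLUDE_UNSIGNED;  /* zero-extended */
}

/* The flag test from the message, once with each mask. */
int excluded_signed(Elf64_Xword sh_flags)
{
  return (sh_flags & FLAG_EXCLUDE_SIGNED) != 0;
}

int excluded_unsigned(Elf64_Xword sh_flags)
{
  return (sh_flags & FLAG_EXCLUDE_UNSIGNED) != 0;
}

int main(void)
{
  /* Constructed sh_flags values, not taken from any real file. */
  const Elf64_Xword samples[] = { 0x2, 0x80000000ULL, 0x100000000ULL };

  printf("signed mask   = 0x%016" PRIx64 "\n", effective_mask_signed());
  printf("unsigned mask = 0x%016" PRIx64 "\n", effective_mask_unsigned());
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
    printf("sh_flags=0x%09" PRIx64 "  signed:%d  unsigned:%d\n",
           samples[i], excluded_signed(samples[i]),
           excluded_unsigned(samples[i]));
  return 0;
}
```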
