[Libreoffice-commits] online.git: common/Session.cpp
Miklos Vajna (via logerrit)
logerrit at kemper.freedesktop.org
Fri Nov 22 13:11:22 UTC 2019
common/Session.cpp | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
New commits:
commit 204cff5c192eeb60205c6c33914ed506c529780a
Author: Miklos Vajna <vmiklos at collabora.com>
AuthorDate: Fri Nov 22 14:11:00 2019 +0100
Commit: Miklos Vajna <vmiklos at collabora.com>
CommitDate: Fri Nov 22 14:11:00 2019 +0100
Avoid UB in Session::setHash()
Ubsan says that signed integer overflow is happening here:
#0 0xec344a in Session::setHash(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) common/Session.cpp:267:17
#1 0x918b54 in DocumentBroker::load(std::shared_ptr<ClientSession> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) wsd/DocumentBroker.cpp:682:18
...
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior common/Session.cpp:267:17 in
(While running unit_wopi_watermark.)
Change-Id: Idcb1692f6d5d0df8be35dc557d2d72a345acbcf4
diff --git a/common/Session.cpp b/common/Session.cpp
index 9495cc99a..1e4c76573 100644
--- a/common/Session.cpp
+++ b/common/Session.cpp
@@ -257,8 +257,8 @@ void Session::getIOStats(uint64_t &sent, uint64_t &recv)
void Session::setHash(const std::string& text)
{
- int hash = 0x811C9DC5;
- int prime = 0x1000193;
+ unsigned int hash = 0x811C9DC5;
+ unsigned int prime = 0x1000193;
if (!text.empty())
{
@@ -268,7 +268,7 @@ void Session::setHash(const std::string& text)
hash *= prime;
}
}
- _hash = abs(hash);
+ _hash = abs(static_cast<int>(hash));
}
More information about the Libreoffice-commits
mailing list