Closed Bug 786558 Opened 13 years ago Closed 7 years ago

Undefined behavior caused by out-of-range shift in unixShmSystemLock and sqlite3GenerateRowDelete

Categories

(Core :: SQLite and Embedded Database Bindings, defect)

x86_64
Linux
defect
Not set
normal

Tracking

()

RESOLVED INACTIVE

People

(Reporter: kinetik, Unassigned)

References

(Blocks 1 open bug)

Details

Building mozilla-central with Clang 3.2 on x86_64 with -fcatch-undefined-behavior results in a binary that crashes in unixShmSystemLock and sqlite3GenerateRowDelete due to out-of-range left shifts:

86986 SQLITE_PRIVATE void sqlite3GenerateRowDelete(
...
87026   for(iCol=0; iCol<pTab->nCol; iCol++){
87027     if( mask==0xffffffff || mask&(1<<iCol) ){

pTab->nCol is 33, loop terminates with iCol == 32.

28874 static int unixShmSystemLock(
...
28908     mask = (1<<(ofst+n)) - (1<<ofst);

And here, ofst is 128.
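
The two shifts quoted in the report, rewritten so they are defined for every input. This is an added example, not code from the bug report or from SQLite; the helper names (bit32, col_selected, count_selected, range_mask32) and the choice to return an empty mask for an out-of-range offset are assumptions of the example.

```c
#include <stdint.h>
#include <stdio.h>

#define MASK_BITS 32  /* width of the mask; a shift count >= 32 is undefined */

/* Hypothetical helper: bit i of a 32-bit mask, 0 when i is out of range.
** The range check runs before the shift, and the operand is unsigned so
** that i==31 does not shift into the sign bit of an int. */
static uint32_t bit32(int i){
  if( i<0 || i>=MASK_BITS ) return 0;
  return (uint32_t)1 << i;
}

/* Models the column test quoted from sqlite3GenerateRowDelete: an all-ones
** mask selects every column, otherwise only columns 0..31 can be named. */
static int col_selected(uint32_t mask, int iCol){
  return mask==0xffffffffu || (mask & bit32(iCol))!=0;
}

/* Models the loop over a table with nCol columns (33 in the report). */
static int count_selected(uint32_t mask, int nCol){
  int iCol, n = 0;
  for(iCol=0; iCol<nCol; iCol++) n += col_selected(mask, iCol);
  return n;
}

/* Hypothetical helper: bits [ofst, ofst+n) set, clipped to 32 bits. Same
** value as (1<<(ofst+n)) - (1<<ofst) wherever that expression is defined,
** and 0 for an offset such as 128 that lies outside the mask. */
static uint32_t range_mask32(int ofst, int n){
  if( ofst<0 || n<=0 || ofst>=MASK_BITS ) return 0;
  if( n>=MASK_BITS-ofst ) return 0xffffffffu << ofst;  /* clip at bit 31 */
  return (((uint32_t)1 << n) - 1) << ofst;
}

int main(void){
  printf("33 columns, mask 0x80000001: %d selected\n",
         count_selected(0x80000001u, 33));
  printf("range_mask32(128, 1) = 0x%08x\n", (unsigned)range_mask32(128, 1));
  printf("range_mask32(4, 2)   = 0x%08x\n", (unsigned)range_mask32(4, 2));
  return 0;
}
```

Built with -fsanitize=shift on a current Clang or GCC, the helpers run clean for a shift count of 32 and an offset of 128, the two values from the report.
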
Should be reported upstream if it still exists; part of this code can't be found anymore.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INACTIVE
Product: Toolkit → Core