ganapathi / rpms / mariadb

Forked from rpms/mariadb 4 years ago
Clone
Blob Blame History Raw
This issue has been found by Coverity - static analysis tool.

mysql-5.5.31/strings/ctype-ucs2.c:1707:sign_extension – Suspicious implicit sign extension: "s[0]" with type "unsigned char" (8 bits, unsigned) is promoted in "(s[0] << 24) + (s[1] << 16) + (s[2] << 8) + s[3]" to type "int" (32 bits, signed), then sign-extended to type "unsigned long" (64 bits, unsigned). If "(s[0] << 24) + (s[1] << 16) + (s[2] << 8) + s[3]" is greater than 0x7FFFFFFF, the upper bits of the result will all be 1.

diff -up mysql-5.5.31/strings/ctype-ucs2.c.covscan1 mysql-5.5.31/strings/ctype-ucs2.c
--- mysql-5.5.31/strings/ctype-ucs2.c.covscan1	2013-06-14 12:12:29.663300314 +0200
+++ mysql-5.5.31/strings/ctype-ucs2.c	2013-06-14 12:13:07.809299646 +0200
@@ -1704,7 +1704,7 @@ my_utf32_uni(CHARSET_INFO *cs __attribut
 {
   if (s + 4 > e)
     return MY_CS_TOOSMALL4;
-  *pwc= (s[0] << 24) + (s[1] << 16) + (s[2] << 8) + (s[3]);
+  *pwc= (((my_wc_t)s[0]) << 24) + (s[1] << 16) + (s[2] << 8) + (s[3]);
   return 4;
 }