From 8141d64527c5e7a1723e2caeeebb0cde4e591207 Mon Sep 17 00:00:00 2001 From: Marc Mutz Date: Sat, 12 Mar 2016 11:34:48 +0100 Subject: [PATCH] qgrayraster: fix UBs involving << with a negative LHS Left-shifts of negative values are undefined in C++. In particular, they don't behave arithmetically. Reported by UBSan: qgrayraster.c:510:19: runtime error: left shift of negative value -1/-42 qgrayraster.c:537:26: runtime error: left shift of negative value -1/-4/-128 qgrayraster.c:538:26: runtime error: left shift of negative value -1/-4/-128 qgrayraster.c:641:28: runtime error: left shift of negative value -1/-42 qgrayraster.c:676:44: runtime error: left shift of negative value -1/-4/-5/-14/-129 qgrayraster.c:807:19: runtime error: left shift of negative value -1/-42 qgrayraster.c:1101:9: runtime error: left shift of negative value -32/-46/-224/-8160 qgrayraster.c:1102:9: runtime error: left shift of negative value -32/-2626 qgrayraster.c:1454:36: runtime error: left shift of negative value -32/-96/-224/-466/-2626/-8160 qgrayraster.c:1535:30: runtime error: left shift of negative value -32/-46/-224/-2626/-8160 Fix by using ordinary multiplication instead, because negative left-hand-side values don't look like they are an error. Change-Id: I2e96de51adb4a030de8a49869ddd98a31dab31b3 Reviewed-by: Allan Sandfeld Jensen --- src/gui/painting/qgrayraster.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/gui/painting/qgrayraster.c b/src/gui/painting/qgrayraster.c index b536028fe3..5ce1895541 100644 --- a/src/gui/painting/qgrayraster.c +++ b/src/gui/painting/qgrayraster.c @@ -202,13 +202,13 @@ #define ONE_PIXEL ( 1L << PIXEL_BITS ) #define PIXEL_MASK ( -1L << PIXEL_BITS ) #define TRUNC( x ) ( (TCoord)( (x) >> PIXEL_BITS ) ) -#define SUBPIXELS( x ) ( (TPos)(x) << PIXEL_BITS ) +#define SUBPIXELS( x ) ( (TPos)(x) * ( 1 << PIXEL_BITS ) ) #define FLOOR( x ) ( (x) & -ONE_PIXEL ) #define CEILING( x ) ( ( (x) + ONE_PIXEL - 1 ) & -ONE_PIXEL ) #define ROUND( x ) ( ( (x) + ONE_PIXEL / 2 ) & -ONE_PIXEL ) #if PIXEL_BITS >= 6 -#define UPSCALE( x ) ( (x) << ( PIXEL_BITS - 6 ) ) +#define UPSCALE( x ) ( (x) * ( 1 << ( PIXEL_BITS - 6 ) ) ) #define DOWNSCALE( x ) ( (x) >> ( PIXEL_BITS - 6 ) ) #else #define UPSCALE( x ) ( (x) >> ( 6 - PIXEL_BITS ) )