[asterisk-bugs] [DAHDI-tools 0014892]: [patch] Unsafe comparisons in tonezone.c
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Sep 15 12:15:07 CDT 2009
The following issue has been RESOLVED.
======================================================================
https://issues.asterisk.org/view.php?id=14892
======================================================================
Reported By: gknispel_proformatique
Assigned To: tzafrir
======================================================================
Project: DAHDI-tools
Issue ID: 14892
Category: General
Reproducibility: have not tried
Severity: minor
Priority: normal
Status: resolved
Resolution: fixed
Fixed in Version:
======================================================================
Date Submitted: 2009-04-14 10:24 CDT
Last Modified: 2009-09-15 12:15 CDT
======================================================================
Summary: [patch] Unsafe comparisons in tonezone.c
Description:
When building with -Wall -Wextra instead of just -Wall, GCC issues more
warnings, among which some point to really dangerous constructs.
The comparison "size < sizeof(*td)" in build_tone() line 137 yields
"comparison between signed and unsigned" ("size" is of type "int") and
ISO/IEC 9899:TC3 states in "6.3.1.8 Usual arithmetic conversions" that:
"[...] Otherwise, if the operand that has unsigned integer type has rank
greater or equal to the rank of the type of the other operand, then the
operand with signed integer type is converted to the type of the operand
with unsigned integer type. [...]"
So what "size < sizeof(*td)" really means is "(size_t)size < sizeof(*td)"
which is probably not the real intent (the resultant behavior of the
following code in build_tone() would most probably be undefined if "size"
is ever negative).
Same thing in build_mf_tones() line 328.
======================================================================
----------------------------------------------------------------------
(0110698) svnbot (reporter) - 2009-09-15 12:15
https://issues.asterisk.org/view.php?id=14892#c110698
----------------------------------------------------------------------
Repository: dahdi
Revision: 7132
U tools/trunk/tonezone.c
------------------------------------------------------------------------
r7132 | tzafrir | 2009-09-15 12:15:06 -0500 (Tue, 15 Sep 2009) | 5 lines
Fix signed/unsigned comparisons in tonezone.c
(closes issue https://issues.asterisk.org/view.php?id=14892)
Reported by: gknispel_proformatique
------------------------------------------------------------------------
http://svn.digium.com/view/dahdi?view=rev&revision=7132
Issue History
Date Modified Username Field Change
======================================================================
2009-09-15 12:15 svnbot Checkin
2009-09-15 12:15 svnbot Note Added: 0110698
2009-09-15 12:15 svnbot Status new => assigned
2009-09-15 12:15 svnbot Assigned To => tzafrir
2009-09-15 12:15 svnbot Status assigned => resolved
2009-09-15 12:15 svnbot Resolution open => fixed
======================================================================
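Added example, not part of the original report or of the DAHDI source: a small C program showing how the reported comparison lets a negative "size" pass the length check, beside one safe form. The struct, the function names and the sample inputs are hypothetical, and the safe form is an assumption, not necessarily the change committed in r7132.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for the structure build_tone() sizes against;
 * not the DAHDI definition. */
struct tone_rec {
    int tone;
    int next;
    int samples;
};

/* Check as reported: "size" is int and sizeof yields size_t, so "size" is
 * converted to size_t before the comparison (C99 6.3.1.8). A negative value
 * becomes a huge unsigned one. Returns 1 when the buffer is judged big enough. */
static int has_room_unsafe(int size)
{
    if (size < sizeof(struct tone_rec))
        return 0;
    return 1;
}

/* One safe form (assumption, not the committed fix): reject negative values
 * first, then make the unsigned comparison explicit. */
static int has_room_safe(int size)
{
    if (size < 0 || (size_t)size < sizeof(struct tone_rec))
        return 0;
    return 1;
}

int main(void)
{
    /* Constructed inputs: negative, zero, too small, exact fit, large. */
    int samples[] = { -1, 0, 4, (int)sizeof(struct tone_rec), 4096 };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("size=%5d unsafe=%d safe=%d\n", samples[i],
               has_room_unsafe(samples[i]), has_room_safe(samples[i]));
    return 0;
}
```

Building this with -Wall -Wextra reproduces the "comparison between signed and unsigned" warning on has_room_unsafe() only.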