[asterisk-bugs] [JIRA] (ASTERISK-25761) USAN: Potential runtime errors causing undefined behavior

Corey Farrell (JIRA) noreply at issues.asterisk.org
Fri Feb 12 13:03:32 CST 2016 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-25761?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=229456#comment-229456 ] 

Corey Farrell edited comment on ASTERISK-25761 at 2/12/16 1:01 PM:
-------------------------------------------------------------------

-I've just looked at some of the reports against chan_sip.  I think the scanner is wrong.  It claims "left shift of 1 by 31 places cannot be represented in type 'int'".  The fields being operated on are actually 'unsigned int', so (1 << 31) is valid.-

This was incorrect, though I still don't believe the warning has any real effect.


was (Author: coreyfarrell):
I've just looked at some of the reports against chan_sip.  I think the scanner is wrong.  It claims "left shift of 1 by 31 places cannot be represented in type 'int'".  The fields being operated on are actually 'unsigned int', so (1 << 31) is valid.

> USAN: Potential runtime errors causing undefined behavior
> ---------------------------------------------------------
>
>                 Key: ASTERISK-25761
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25761
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>    Affects Versions: 13.7.0
>         Environment: gcc version 5.2.1 20150902 (Red Hat 5.2.1-2) (GCC)
>            Reporter: Badalian Vyacheslav
>            Severity: Minor
>
> Hello!
> I send you a list of the errors found. Usan test. All errors are shown at the time of loading of modules. I hope you would be interested :)
> {code}
> /root/asterisk-13.7.0/include/asterisk/strings.h	1181	15	 runtime error	 signed integer overflow  193410279 * 33 cannot be represented in type 'int'
> /root/asterisk-13.7.0/include/asterisk/strings.h	1221	15	 runtime error	 signed integer overflow  193404514 * 33 cannot be represented in type 'int'
> chan_iax2.c	13511	2	 runtime error	 left shift of 1 by 31 places cannot be represented in type 'int'
> chan_sip.c	8724	2	 runtime error	 left shift of 1 by 31 places cannot be represented in type 'int'
> chan_sip.c	8725	2	 runtime error	 left shift of 3 by 30 places cannot be represented in type 'int'
> chan_sip.c	29976	3	 runtime error	 left shift of 1 by 31 places cannot be represented in type 'int'
> chan_sip.c	29977	3	 runtime error	 left shift of 1 by 31 places cannot be represented in type 'int'
> chan_sip.c	30304	2	 runtime error	 left shift of 1 by 31 places cannot be represented in type 'int'
> chan_sip.c	30305	2	 runtime error	 left shift of 3 by 30 places cannot be represented in type 'int'
> codec_adpcm.c	151	23	 runtime error	 left shift of negative value -4
> codec_g726.c	621	25	 runtime error	 left shift of negative value -12
> codec_g726.c	678	25	 runtime error	 left shift of negative value -12
> el.c	244	21	 runtime error	 left shift of negative value -2
> format_cap.c	173	7	 runtime error	 null pointer passed as argument 2, which is declared to never be null
> g722/g722_decode.c	80	39	 runtime error	 left shift of negative value -192
> g722/g722_decode.c	373	49	 runtime error	 left shift of negative value -1
> g722/g722_encode.c	80	39	 runtime error	 left shift of negative value -1
> src/lpc.c	156	28	 runtime error	 left shift of negative value -2961983
> src/lpc.c	235	42	 runtime error	 left shift of negative value -3457934
> src/preprocess.c	92	8	 runtime error	 left shift of negative value -4
> src/rpe.c	336	16	 runtime error	 left shift of negative value -4
> src/rpe.c	380	8	 runtime error	 left shift of negative value -1
> src/short_term.c	64	2	 runtime error	 left shift of negative value -18
> src/short_term.c	67	2	 runtime error	 left shift of negative value -2560
> src/short_term.c	70	2	 runtime error	 left shift of negative value -1792
> src/short_term.c	71	2	 runtime error	 left shift of negative value -341
> src/short_term.c	72	2	 runtime error	 left shift of negative value -1
> stasis_message_router.c	113	8	 runtime error	 null pointer passed as argument 2, which is declared to never be null
> stasis.c	913	8	 runtime error	 null pointer passed as argument 2, which is declared to never be null
> stdtime/localtime.c	828	20	 runtime error	 left shift of negative value -1
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list