Skip to content

abi: fix macro size overflow #3543

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
lgirdwood merged 1 commit into from
Oct 23, 2020
Merged

abi: fix macro size overflow #3543

lgirdwood merged 1 commit into from
Oct 23, 2020

Conversation

@cujomalainey
Copy link
Contributor

@cujomalainey cujomalainey commented Oct 22, 2020

ubsan found the following bug via oss-fuzz

/src/sof/src/ipc/handler.c:1385:9: runtime error: left shift of 15 by 28 places cannot be represented in type 'int'

This is caused by SOF_GLB_TYPE_MASK which has an implicit length of 15
(int16_t)

Signed-off-by: Curtis Malainey cujomalainey@chromium.org

@cujomalainey cujomalainey requested a review from a team as a code owner October 22, 2020 03:51
@cujomalainey cujomalainey mentioned this pull request Oct 22, 2020
Merged
2 tasks
@lgirdwood
Copy link
Member

lgirdwood commented Oct 22, 2020

CI showing what looks like a CI failure.

lgirdwood
lgirdwood approved these changes Oct 22, 2020
View reviewed changes
Copy link
Member

@lgirdwood lgirdwood left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@plbossart @kv2019i this will be needed in kernel too.

@lgirdwood lgirdwood added the ABI ABI change involved label Oct 22, 2020
@lgirdwood lgirdwood added this to the v1.6 milestone Oct 22, 2020
@cujomalainey
Copy link
Contributor Author

cujomalainey commented Oct 22, 2020

FYI this is blocking oss-fuzz integration as this crashes the fuzzer on first iteration everytime

@cujomalainey
Copy link
Contributor Author

cujomalainey commented Oct 22, 2020

Related kernel PR is here, I spotted another overflow just by code inspection, will update this PR as well

@cujomalainey
abi: fix macro size overflow
3421226 
ubsan found the following bug via oss-fuzz

/src/sof/src/ipc/handler.c:1385:9: runtime error: left shift of 15 by 28 places cannot be represented in type 'int'

This is caused by SOF_GLB_TYPE_MASK which has an implicit length of 15
(int16_t)

Signed-off-by: Curtis Malainey <cujomalainey@chromium.org>
@lgirdwood lgirdwood merged commit 6cd9f6a into thesofproject:master Oct 23, 2020
@lgirdwood
Copy link
Member

lgirdwood commented Oct 23, 2020

@cujomalainey is there a similar kernel fix ?

@cujomalainey
Copy link
Contributor Author

cujomalainey commented Oct 23, 2020

@lgirdwood see link in last comment

@kv2019i kv2019i mentioned this pull request Oct 26, 2020
Closed
@kv2019i kv2019i mentioned this pull request Jan 13, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lgirdwood lgirdwood lgirdwood approved these changes

Assignees

No one assigned

Labels

ABI ABI change involved

Projects

None yet

Milestone

v1.6

Development

Successfully merging this pull request may close these issues.

2 participants

@cujomalainey @lgirdwood