|
From: <sv...@va...> - 2015-03-12 10:21:37
|
Author: florian
Date: Thu Mar 12 10:21:29 2015
New Revision: 3101
Log:
Fix two undefined behaviours found by ubsan.
Signed integer overflow in multiplication.
Modified:
trunk/priv/guest_amd64_helpers.c
trunk/priv/guest_x86_helpers.c
Modified: trunk/priv/guest_amd64_helpers.c
==============================================================================
--- trunk/priv/guest_amd64_helpers.c (original)
+++ trunk/priv/guest_amd64_helpers.c Thu Mar 12 10:21:29 2015
@@ -439,8 +439,8 @@
{ ULong cf, pf, af, zf, sf, of; \
DATA_STYPE hi; \
DATA_STYPE lo \
- = NARROWtoS( ((DATA_STYPE)CC_DEP1) \
- * ((DATA_STYPE)CC_DEP2) ); \
+ = NARROWtoS( ((DATA_S2TYPE)(DATA_STYPE)CC_DEP1) \
+ * ((DATA_S2TYPE)(DATA_STYPE)CC_DEP2) ); \
DATA_S2TYPE rr \
= NARROWto2S( \
((DATA_S2TYPE)((DATA_STYPE)CC_DEP1)) \
Modified: trunk/priv/guest_x86_helpers.c
==============================================================================
--- trunk/priv/guest_x86_helpers.c (original)
+++ trunk/priv/guest_x86_helpers.c Thu Mar 12 10:21:29 2015
@@ -397,8 +397,8 @@
{ UInt cf, pf, af, zf, sf, of; \
DATA_STYPE hi; \
DATA_STYPE lo \
- = NARROWtoS( ((DATA_STYPE)CC_DEP1) \
- * ((DATA_STYPE)CC_DEP2) ); \
+ = NARROWtoS( ((DATA_S2TYPE)(DATA_STYPE)CC_DEP1) \
+ * ((DATA_S2TYPE)(DATA_STYPE)CC_DEP2) ); \
DATA_S2TYPE rr \
= NARROWto2S( \
((DATA_S2TYPE)((DATA_STYPE)CC_DEP1)) \
|