From 8e4059044ca8830c145bcb349cec836b72976039 Mon Sep 17 00:00:00 2001 From: Kinan Hakim Date: Fri, 8 Jan 2016 10:38:08 +0100 Subject: Avoid some unsigned integer overflow errors. In some cases, the code intends overflow to occur and relies on the defined behavior for unsigned integer wraparound; detection has been switched off in these cases. In other cases, the overflow was undesired; these cases have been fixed to avoid the overflow. --- source/dng_fingerprint.cpp | 3 +++ source/dng_fingerprint.h | 14 +++++++++++++- source/dng_info.cpp | 2 +- source/dng_mosaic_info.cpp | 12 +++++++++--- source/dng_reference.cpp | 10 +++++----- source/dng_resample.cpp | 6 +++--- source/dng_utils.h | 8 ++++++++ 7 files changed, 42 insertions(+), 13 deletions(-) diff --git a/source/dng_fingerprint.cpp b/source/dng_fingerprint.cpp index 5256873..8aa2673 100644 --- a/source/dng_fingerprint.cpp +++ b/source/dng_fingerprint.cpp @@ -448,6 +448,9 @@ void dng_md5_printer::Decode (uint32 *output, // MD5 basic transformation. Transforms state based on block. +#if defined(__clang__) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif void dng_md5_printer::MD5Transform (uint32 state [4], const uint8 block [64]) { diff --git a/source/dng_fingerprint.h b/source/dng_fingerprint.h index b8c5cfb..58c0762 100644 --- a/source/dng_fingerprint.h +++ b/source/dng_fingerprint.h @@ -225,7 +225,10 @@ class dng_md5_printer } // FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. - + +#if defined(__clang__) + __attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif static inline void FF (uint32 &a, uint32 b, uint32 c, @@ -239,6 +242,9 @@ class dng_md5_printer a += b; } +#if defined(__clang__) + __attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif static inline void GG (uint32 &a, uint32 b, uint32 c, @@ -252,6 +258,9 @@ class dng_md5_printer a += b; } +#if defined(__clang__) + __attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif static inline void HH (uint32 &a, uint32 b, uint32 c, @@ -265,6 +274,9 @@ class dng_md5_printer a += b; } +#if defined(__clang__) + __attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif static inline void II (uint32 &a, uint32 b, uint32 c, diff --git a/source/dng_info.cpp b/source/dng_info.cpp index 35bec3c..e2d72a3 100644 --- a/source/dng_info.cpp +++ b/source/dng_info.cpp @@ -1521,7 +1521,7 @@ void dng_info::ParseDNGPrivateData (dng_host &host, #endif uint16 order_mark = stream.Get_uint16 (); - uint64 old_offset = stream.Get_uint32 (); + int64 old_offset = stream.Get_uint32 (); uint32 tempSize = section_count - 6; diff --git a/source/dng_mosaic_info.cpp b/source/dng_mosaic_info.cpp index c3b116e..6d49894 100644 --- a/source/dng_mosaic_info.cpp +++ b/source/dng_mosaic_info.cpp @@ -286,14 +286,20 @@ class dng_bilinear_pattern private: +#if defined(__clang__) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif uint32 DeltaRow (uint32 row, int32 delta) { - return (row + fPatRows + delta) % fPatRows; + return (row + fPatRows + (uint32) delta) % fPatRows; } - + +#if defined(__clang__) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif uint32 DeltaCol (uint32 col, int32 delta) { - return (col + fPatCols + delta) % fPatCols; + return (col + fPatCols + (uint32) delta) % fPatCols; } real32 LinearWeight1 (int32 d1, int32 d2) diff --git a/source/dng_reference.cpp b/source/dng_reference.cpp index 3feb195..156726d 100644 --- a/source/dng_reference.cpp +++ b/source/dng_reference.cpp @@ -1419,12 +1419,12 @@ void RefBaselineHueSatMap (const real32 *sPtrR, valDivisions); real32 hScale = (hueDivisions < 2) ? 0.0f : (hueDivisions * (1.0f / 6.0f)); - real32 sScale = (real32) (satDivisions - 1); - real32 vScale = (real32) (valDivisions - 1); + real32 sScale = (real32) ((int32) satDivisions - 1); + real32 vScale = (real32) ((int32) valDivisions - 1); - int32 maxHueIndex0 = hueDivisions - 1; - int32 maxSatIndex0 = satDivisions - 2; - int32 maxValIndex0 = valDivisions - 2; + int32 maxHueIndex0 = (int32) hueDivisions - 1; + int32 maxSatIndex0 = (int32) satDivisions - 2; + int32 maxValIndex0 = (int32) valDivisions - 2; const bool hasEncodeTable = ((encodeTable != NULL) && (encodeTable->Table () != NULL)); const bool hasDecodeTable = ((decodeTable != NULL) && (decodeTable->Table () != NULL)); diff --git a/source/dng_resample.cpp b/source/dng_resample.cpp index 3d98b7f..122bff9 100644 --- a/source/dng_resample.cpp +++ b/source/dng_resample.cpp @@ -231,7 +231,7 @@ void dng_resample_weights::Initialize (real64 scale, for (j = 0; j < width; j++) { - int32 k = j - fRadius + 1; + int32 k = (int32) j - (int32) fRadius + 1; real64 x = (k - fract) * scale; @@ -393,13 +393,13 @@ void dng_resample_weights_2d::Initialize (const dng_resample_function &kernel, for (uint32 i = 0; i < width; i++) { - int32 yInt = ((int32) i) - fRadius + 1; + int32 yInt = ((int32) i) - (int32) fRadius + 1; real64 yPos = yInt - yFract; for (uint32 j = 0; j < width; j++) { - int32 xInt = ((int32) j) - fRadius + 1; + int32 xInt = ((int32) j) - (int32) fRadius + 1; real64 xPos = xInt - xFract; #if 0 diff --git a/source/dng_utils.h b/source/dng_utils.h index 99b9610..d6b79c6 100644 --- a/source/dng_utils.h +++ b/source/dng_utils.h @@ -26,6 +26,11 @@ /*****************************************************************************/ +// The unsigned integer overflow is intended here since a wrap around is used to +// calculate the abs() in the branchless version. +#if defined(__clang__) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif inline uint32 Abs_int32 (int32 x) { @@ -1130,6 +1135,9 @@ inline int32 Mulsh86 (int32 x, int32 y) // This is the ACM standard 30 bit generator: // x' = (x * 16807) mod 2^31-1 +#if defined(__clang__) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif inline uint32 DNG_Random (uint32 seed) { -- cgit v1.2.3