From f2e5ea768b095644932c010824a435379975a6ca Mon Sep 17 00:00:00 2001 From: Janis Danisevskis Date: Tue, 2 Apr 2019 15:23:19 -0700 Subject: Annotate intended unsigned overflow Annotate intended unsigned overflow in CodedInputStream::ReadTagWithCutoff. Bug: 128991260 Test: Manual test setup with gdb and keystore. Change-Id: I11ad92932d4938d77f3d1c33fe7f31a03e0da25e --- src/google/protobuf/io/coded_stream.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/google/protobuf/io/coded_stream.h b/src/google/protobuf/io/coded_stream.h index c81a33ac6..7b742a18e 100644 --- a/src/google/protobuf/io/coded_stream.h +++ b/src/google/protobuf/io/coded_stream.h @@ -985,7 +985,11 @@ inline std::pair CodedInputStream::ReadTagWithCutoff( } // Slow path last_tag_ = ReadTagFallback(first_byte_or_zero); - return std::make_pair(last_tag_, static_cast(last_tag_ - 1) < cutoff); + // If last_tag_ == 0 we want to return { 0, false } so the following overflow is intended. + // We use __builtin_add_overflow to appease the sub-overflow UB sanitizer. + uint32_t last_tag_minus_one; + __builtin_add_overflow(last_tag_, -1, &last_tag_minus_one); + return std::make_pair(last_tag_, last_tag_minus_one < cutoff); } inline bool CodedInputStream::LastTagWas(uint32 expected) { -- cgit v1.2.3