Mercurial > hg > nginx
comparison src/http/v2/ngx_http_v2.h @ 6627:ad736705a744
HTTP/2: avoid left-shifting signed integer into the sign bit.
On non-aligned platforms, properly cast argument before left-shifting it in
ngx_http_v2_parse_uint32 that is used with u_char. Otherwise it propagates
to int to hold the value and can step over the sign bit. Usually, on known
compilers, this results in negation. Furthermore, a subsequent store into a
wider type, that is ngx_uint_t on 64-bit platforms, results in sign-extension.
In practice, this can be observed in debug log as a very large exclusive bit
value, when client sent PRIORITY frame with exclusive bit set:
: *14 http2 PRIORITY frame sid:5 on 1 excl:8589934591 weight:17
Found with UndefinedBehaviorSanitizer.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 07 Jul 2016 21:03:21 +0300 |
parents | ce94f07d5082 |
children | 5e95b9fb33b7 |
comparison
equal
deleted
inserted
replaced
6626:b3682580c1bd | 6627:ad736705a744 |
---|---|
296 | 296 |
297 #else | 297 #else |
298 | 298 |
299 #define ngx_http_v2_parse_uint16(p) ((p)[0] << 8 | (p)[1]) | 299 #define ngx_http_v2_parse_uint16(p) ((p)[0] << 8 | (p)[1]) |
300 #define ngx_http_v2_parse_uint32(p) \ | 300 #define ngx_http_v2_parse_uint32(p) \ |
301 ((p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3]) | 301 ((uint32_t) (p)[0] << 24 | (p)[1] << 16 | (p)[2] << 8 | (p)[3]) |
302 | 302 |
303 #endif | 303 #endif |
304 | 304 |
305 #define ngx_http_v2_parse_length(p) ((p) >> 8) | 305 #define ngx_http_v2_parse_length(p) ((p) >> 8) |
306 #define ngx_http_v2_parse_type(p) ((p) & 0xff) | 306 #define ngx_http_v2_parse_type(p) ((p) & 0xff) |