Skip to content

Commit

Permalink
Prevent signed integer overflow in LOC record conversion
Browse files Browse the repository at this point in the history
Reported by UBSan:

sillyrecords.cc:301:42: runtime error: signed integer overflow: 2031844648 - -2147483648 cannot be represented in type 'int'
    #0 0x55ab56ff5fbd in LOCRecordContent::getZoneRepresentation(bool) const /home/travis/build/rgacogne/pdns/pdns/recursordist/pdns-recursor-0.0.0.0.HEAD.ge217873f32.dirty/sillyrecords.cc:301:42
    #1 0x55ab571da021 in test_dnsrecords_cc::test_record_types::test_method() /home/travis/build/rgacogne/pdns/pdns/recursordist/pdns-recursor-0.0.0.0.HEAD.ge217873f32.dirty/test-dnsrecords_cc.cc:232:11
    #2 0x55ab571c9a4a in test_dnsrecords_cc::test_record_types_invoker() /home/travis/build/rgacogne/pdns/pdns/recursordist/pdns-recursor-0.0.0.0.HEAD.ge217873f32.dirty/test-dnsrecords_cc.cc:42:1
    #3 0x55ab57136125 in boost::unit_test::ut_detail::callback0_impl_t<boost::unit_test::ut_detail::unused, void (*)()>::invoke() /usr/include/boost/test/utils/callback.hpp:89:46
    #4 0x2b0b90cfa1f0  (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x681f0)
    #5 0x2b0b90cd5545 in boost::execution_monitor::catch_signals(boost::unit_test::callback0<int> const&) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x43545)
    #6 0x2b0b90cd5d82 in boost::execution_monitor::execute(boost::unit_test::callback0<int> const&) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x43d82)
    #7 0x2b0b90cfa2f1 in boost::unit_test::unit_test_monitor_t::execute_and_translate(boost::unit_test::test_case const&) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x682f1)
    #8 0x2b0b90ce3f93 in boost::unit_test::framework_impl::visit(boost::unit_test::test_case const&) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x51f93)
    #9 0x2b0b90d12d22 in boost::unit_test::traverse_test_tree(boost::unit_test::test_suite const&, boost::unit_test::test_tree_visitor&) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x80d22)
    #10 0x2b0b90d12d22 in boost::unit_test::traverse_test_tree(boost::unit_test::test_suite const&, boost::unit_test::test_tree_visitor&) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x80d22)
    #11 0x2b0b90cdf4b9 in boost::unit_test::framework::run(unsigned long, bool) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x4d4b9)
    #12 0x2b0b90cf7ed3 in boost::unit_test::unit_test_main(bool (*)(), int, char**) (/usr/lib/x86_64-linux-gnu/libboost_unit_test_framework.so.1.54.0+0x65ed3)
    #13 0x2b0b92d59f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)
    #14 0x55ab56b37961 in _start (/home/travis/build/rgacogne/pdns/pdns/recursordist/pdns-recursor-0.0.0.0.HEAD.ge217873f32.dirty/testrunner+0x1bc3961)

(cherry picked from commit 98576e1)
  • Loading branch information
rgacogne committed Dec 16, 2020
1 parent 2dadda4 commit 5e94eea
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pdns/sillyrecords.cc
Original file line number Diff line number Diff line change
Expand Up @@ -298,8 +298,8 @@ string LOCRecordContent::getZoneRepresentation(bool noDot) const
// convert d_version, d_size, d_horiz/vertpre, d_latitude, d_longitude, d_altitude to:
// 51 59 00.000 N 5 55 00.000 E 4.00m 1.00m 10000.00m 10.00m

double latitude= ((int32_t)d_latitude - (1<<31))/3600000.0;
double longitude=((int32_t)d_longitude - (1<<31))/3600000.0;
double latitude= ((int32_t)((uint32_t)d_latitude - ((uint32_t)1<<31)))/3600000.0;
double longitude=((int32_t)((uint32_t)d_longitude - ((uint32_t)1<<31)))/3600000.0;
double altitude= ((int32_t)d_altitude )/100.0 - 100000;

double size=0.01*((d_size>>4)&0xf);
Expand Down

0 comments on commit 5e94eea

Please sign in to comment.