diff options
| author | Chris Liddell <chris.liddell@artifex.com> | 2019-10-25 13:52:44 +0100 |
|---|---|---|
| committer | Chris Liddell <chris.liddell@artifex.com> | 2019-10-25 15:43:18 +0100 |
| commit | 17ad4a12dd40799655b71a93de1209a6a0f24204 (patch) | |
| tree | 358e94bb928d817d6334fc7164410ff23c19b7f5 | |
| parent | 62a1c3cdbb374d2f90b00f7aa276be50961c580a (diff) | |
| download | ghostpdl-17ad4a12dd40799655b71a93de1209a6a0f24204.tar.gz | |
Coverity issues: Assignment of overlapping union members
Strictly speaking assigning one element of union to another, overlapping
element of a different size is undefined behavior, hence assign to intermediate
variables before setting the other element in the union.
Coverity #: 350159, 350173, 350205, 350176, 350215, 350192
| -rw-r--r-- | base/gsfunc4.c | 9 | ||||
| -rw-r--r-- | base/gsparam.c | 25 | ||||
| -rw-r--r-- | pcl/pcl/pgparse.c | 9 | ||||
| -rw-r--r-- | psi/zfont2.c | 10 | ||||
| -rw-r--r-- | psi/ztype.c | 9 |
5 files changed, 53 insertions, 9 deletions
diff --git a/base/gsfunc4.c b/base/gsfunc4.c index 1508d49b9..f71fa63af 100644 --- a/base/gsfunc4.c +++ b/base/gsfunc4.c @@ -305,9 +305,16 @@ fn_PtCr_evaluate(const gs_function_t *pfn_common, const float *in, float *out) vsp->value.f = gs_cos_degrees(vsp->value.f); continue; case PtCr_cvi: - vsp->value.i = (int)(vsp->value.f); + { + /* Strictly speaking assigning one element of union + * to another, overlapping element of a different size is + * undefined behavior, hence assign to an intermediate variable + */ + int int1 = (int)(vsp->value.f); + vsp->value.i = int1; vsp->type = CVT_INT; continue; + } case PtCr_cvr: continue; /* prepare handled it */ case PtCr_div: diff --git a/base/gsparam.c b/base/gsparam.c index b235d8601..80cb0b2aa 100644 --- a/base/gsparam.c +++ b/base/gsparam.c @@ -171,15 +171,25 @@ param_coerce_typed(gs_param_typed_value * pvalue, gs_param_type req_type, * right now we can't. However, a 0-length heterogenous array * will satisfy a request for any specific type. */ + /* Strictly speaking assigning one element of union + * to another, overlapping element of a different size is + * undefined behavior, hence assign to intermediate variables + */ switch (pvalue->type /* actual type */ ) { case gs_param_type_int: switch (req_type) { case gs_param_type_long: - pvalue->value.l = pvalue->value.i; + { + long l = (long)pvalue->value.i; + pvalue->value.l = l; goto ok; + } case gs_param_type_float: - pvalue->value.f = (float)pvalue->value.l; + { + float fl = (float)pvalue->value.l; + pvalue->value.f = fl; goto ok; + } default: break; } @@ -187,15 +197,22 @@ param_coerce_typed(gs_param_typed_value * pvalue, gs_param_type req_type, case gs_param_type_long: switch (req_type) { case gs_param_type_int: + { + int int1; #if ARCH_SIZEOF_INT < ARCH_SIZEOF_LONG if (pvalue->value.l != (int)pvalue->value.l) return_error(gs_error_rangecheck); #endif - pvalue->value.i = (int)pvalue->value.l; + int1 = (int)pvalue->value.l; + pvalue->value.i = int1; goto ok; + } case gs_param_type_float: - pvalue->value.f = (float)pvalue->value.l; + { + float fl = (float)pvalue->value.l; + pvalue->value.f = fl; goto ok; + } default: break; } diff --git a/pcl/pcl/pgparse.c b/pcl/pcl/pgparse.c index aee4f41ed..d02f9da71 100644 --- a/pcl/pcl/pgparse.c +++ b/pcl/pcl/pgparse.c @@ -272,7 +272,14 @@ hpgl_arg(const gs_memory_t * mem, hpgl_parser_state_t * pst) pvalue->v_n.r = 0; break; case 1: - pvalue->v_n.r = pvalue->v_n.i; + { + /* Strictly speaking assigning one element of union + * to another, overlapping element of a different size is + * undefined behavior, hence assign to an intermediate variable + */ + double r = (double)pvalue->v_n.i; + pvalue->v_n.r = r; + } } parg->have_value = 2; parg->frac_scale = 1.0; diff --git a/psi/zfont2.c b/psi/zfont2.c index 19c1e9ef4..6e424c9d6 100644 --- a/psi/zfont2.c +++ b/psi/zfont2.c @@ -1667,8 +1667,14 @@ undelta(ref *ops, unsigned int cnt) unsigned int i; for (i = 0; i < cnt; i++) { - if (!r_has_type(&ops[i], t_real)) - make_real(&ops[i], (float)ops[i].value.intval); + if (!r_has_type(&ops[i], t_real)) { + /* Strictly speaking assigning one element of union + * to another, overlapping element of a different size is + * undefined behavior, hence assign to an intermediate variable + */ + float fl = (float)ops[i].value.intval; + make_real(&ops[i], fl); + } } for (i = 1; i < cnt; i++) { make_real(&ops[i], ops[i].value.realval + ops[i - 1].value.realval); diff --git a/psi/ztype.c b/psi/ztype.c index f42f35e09..94e5e032a 100644 --- a/psi/ztype.c +++ b/psi/ztype.c @@ -304,7 +304,14 @@ zcvr(i_ctx_t *i_ctx_p) switch (r_type(op)) { case t_integer: - make_real(op, (float)op->value.intval); + { + /* Strictly speaking assigning one element of union + * to another, overlapping element of a different size is + * undefined behavior, hence assign to an intermediate variable + */ + float fl = (float)op->value.intval; + make_real(op, fl); + } case t_real: return 0; default: |