An expression of the form "1 << x" is undefined if x == 31 because
the "1" is an int and cannot be left shifted by 31.
Instead, use "UINT32_C(1) << x" which will be an unsigned int of
at least 32 bits.
Signed-off-by: James Carter <jwcart2@xxxxxxxxx>
---
libsepol/src/avtab.c | 2 +-
libsepol/src/conditional.c | 6 +++---
libsepol/src/link.c | 4 ++--
libsepol/src/policydb.c | 4 ++--
libsepol/src/services.c | 4 ++--
5 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/libsepol/src/avtab.c b/libsepol/src/avtab.c
index 93505b20..46e1e75d 100644
--- a/libsepol/src/avtab.c
+++ b/libsepol/src/avtab.c
@@ -376,7 +376,7 @@ int avtab_alloc(avtab_t *h, uint32_t nrules)
}
if (shift > 2)
shift = shift - 2;
- nslot = 1 << shift;
+ nslot = UINT32_C(1) << shift;
if (nslot > MAX_AVTAB_HASH_BUCKETS)
nslot = MAX_AVTAB_HASH_BUCKETS;
mask = nslot - 1;
diff --git a/libsepol/src/conditional.c b/libsepol/src/conditional.c
index e3ede694..037dc7e2 100644
--- a/libsepol/src/conditional.c
+++ b/libsepol/src/conditional.c
@@ -411,13 +411,13 @@ int cond_normalize_expr(policydb_t * p, cond_node_t * cn)
}
/* loop through all possible combinations of values for bools in expression */
- for (test = 0x0; test < (0x1U << cn->nbools); test++) {
+ for (test = 0x0; test < (UINT32_C(1) << cn->nbools); test++) {
/* temporarily set the value for all the bools in the
* expression using the corr. bit in test */
for (j = 0; j < cn->nbools; j++) {
p->bool_val_to_struct[cn->bool_ids[j] -
1]->state =
- (test & (0x1 << j)) ? 1 : 0;
+ (test & (UINT32_C(1) << j)) ? 1 : 0;
}
k = cond_evaluate_expr(p, cn->expr);
if (k == -1) {
@@ -428,7 +428,7 @@ int cond_normalize_expr(policydb_t * p, cond_node_t * cn)
}
/* set the bit if expression evaluates true */
if (k)
- cn->expr_pre_comp |= 0x1 << test;
+ cn->expr_pre_comp |= UINT32_C(1) << test;
}
/* restore bool default values */
diff --git a/libsepol/src/link.c b/libsepol/src/link.c
index 461d2feb..7512a4d9 100644
--- a/libsepol/src/link.c
+++ b/libsepol/src/link.c
@@ -1291,10 +1291,10 @@ static int copy_avrule_list(avrule_t * list, avrule_t ** dst,
i <
module->perm_map_len[cur_perm->tclass - 1];
i++) {
- if (!(cur_perm->data & (1U << i)))
+ if (!(cur_perm->data & (UINT32_C(1) << i)))
continue;
new_perm->data |=
- (1U <<
+ (UINT32_C(1) <<
(module->
perm_map[cur_perm->tclass - 1][i] -
1));
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index 7093d9b7..587ba64a 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -4166,7 +4166,7 @@ static sepol_access_vector_t policydb_string_to_av_perm(
hashtab_search(tclass_datum->permissions.table,
(hashtab_key_t)perm_name);
if (perm_datum != NULL)
- return 0x1U << (perm_datum->s.value - 1);
+ return UINT32_C(1) << (perm_datum->s.value - 1);
if (tclass_datum->comdatum == NULL)
return 0;
@@ -4176,7 +4176,7 @@ static sepol_access_vector_t policydb_string_to_av_perm(
(hashtab_key_t)perm_name);
if (perm_datum != NULL)
- return 0x1U << (perm_datum->s.value - 1);
+ return UINT32_C(1) << (perm_datum->s.value - 1);
return 0;
}
diff --git a/libsepol/src/services.c b/libsepol/src/services.c
index 673b3971..3407058f 100644
--- a/libsepol/src/services.c
+++ b/libsepol/src/services.c
@@ -1213,7 +1213,7 @@ int sepol_string_to_av_perm(sepol_security_class_t tclass,
hashtab_search(tclass_datum->permissions.table,
perm_name);
if (perm_datum != NULL) {
- *av = 0x1 << (perm_datum->s.value - 1);
+ *av = UINT32_C(1) << (perm_datum->s.value - 1);
return STATUS_SUCCESS;
}
@@ -1225,7 +1225,7 @@ int sepol_string_to_av_perm(sepol_security_class_t tclass,
perm_name);
if (perm_datum != NULL) {
- *av = 0x1 << (perm_datum->s.value - 1);
+ *av = UINT32_C(1) << (perm_datum->s.value - 1);
return STATUS_SUCCESS;
}
out:
--
2.31.1
