From 6c4dfb8a63e86a819e08d1122e9dc0843ace0879 Mon Sep 17 00:00:00 2001 From: Lucian Grijincu Date: Mon, 9 May 2016 21:16:26 -0700 Subject: [PATCH] folly: ubsan: cast to unsigned to avoid negative-left-shift MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Summary: The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated bits are filled with zeros. If E1 has a signed type and non-negative value, and E1 × 2E2 is representable in the result type, then that is the resulting value; otherwise, the behavior is undefined. The code assumed the signed left shift worked like an unsigned left shift, so make that explicit. Reviewed By: meyering Differential Revision: D3280325 fbshipit-source-id: 178b95ee36b7a1126a79bb825c2ad2ffa6fa9464 --- folly/Varint.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/folly/Varint.h b/folly/Varint.h index d2e661eb..e4af0c19 100644 --- a/folly/Varint.h +++ b/folly/Varint.h @@ -71,7 +71,8 @@ uint64_t decodeVarint(Range& data); inline uint64_t encodeZigZag(int64_t val) { // Bit-twiddling magic stolen from the Google protocol buffer document; // val >> 63 is an arithmetic shift because val is signed - return static_cast((val << 1) ^ (val >> 63)); + auto uval = static_cast(val); + return static_cast((uval << 1) ^ (val >> 63)); } inline int64_t decodeZigZag(uint64_t val) { -- 2.34.1