...
| Code Block |
|---|
|
unsigned int ui1ui_a;
unsigned int ui2ui_b;
unsigned int uresult;
/* Initialize ui1ui_a and ui2ui_b */
uresult = ui1ui_a << ui2ui_b;
|
Compliant Solution (Left Shift, Unsigned Type)
...
| Code Block |
|---|
|
unsigned int ui1ui_a;
unsigned int ui2ui_b;
unsigned int uresult;
/* Initialize ui1ui_a and ui2ui_b */
if (ui2ui_b >= sizeof(unsigned int)*CHAR_BIT) {
/* Handle error condition */
} else {
uresult = ui1ui_a << ui2ui_b;
}
|
Modulo behavior resulting from left-shifting an unsigned integer type is permitted by this standard.
...
| Code Block |
|---|
|
unsigned int ui1ui_a;
unsigned int ui2ui_b;
unsigned int uresult;
/* Initialize ui1ui_a and ui2ui_b */
uresult = ui1ui_a >> ui2ui_b;
|
Making assumptions about whether a right shift is implemented as an arithmetic (signed) shift or a logical (unsigned) shift can also lead to vulnerabilities. See INT13-C. Use bitwise operators only on unsigned operands.
...
| Code Block |
|---|
|
unsigned int ui1ui_a;
unsigned int ui2ui_b;
unsigned int uresult;
/* Initialize ui1ui_a and ui2ui_b */
if (ui2ui_b >= sizeof(unsigned int) * CHAR_BIT) {
/* Handle error condition */
}
else {
uresult = ui1ui_a >> ui2ui_b;
}
|
Implementation Details
...
