Bug 975489 - Additional flags might have no effect on 32bit architectures
Summary: Additional flags might have no effect on 32bit architectures
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libtevent
Version: 6.4
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Jakub Hrozek
QA Contact: Kaushik Banerjee
Depends On: 975488 975490
TreeView+ depends on / blocked
Reported: 2013-06-18 15:07 UTC by Jakub Hrozek
Modified: 2013-11-21 05:42 UTC (History)
4 users (show)

Fixed In Version: libtevent-0.9.18-2.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 975488
Last Closed: 2013-11-21 05:42:26 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1552 0 normal SHIPPED_LIVE libtevent bug fix and enhancement update 2013-11-20 21:40:31 UTC

Description Jakub Hrozek 2013-06-18 15:07:36 UTC
+++ This bug was initially created as a clone of Bug #975488 +++

Description of problem:
Samba upstream found via Coverity check that the latest tevent (which we rebase to in 5.10) contains a bug. There is an assignment from uint64_t to unsigned int and later a comparison against UINT64_t. On 32bit platforms, "unsigned" could be less than uint64_t, so idx==UINT64_MAX is always false.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. don't reproduce, just sanity testing.

Actual results:

Expected results:

Additional info:

$ git log  dd0e38b5feb51c8aa44e76bb6c84202bf8373005 -1 -p
commit dd0e38b5feb51c8aa44e76bb6c84202bf8373005
Author: Volker Lendecke <vl@samba.org>
Date:   Thu Jun 13 20:35:32 2013 +0200

    tevent: Fix Coverity ID 989236 Operands don't affect result
    "unsigned" could be less than uint64_t, so idx==UINT64_MAX is always false.
    Signed-off-by: Volker Lendecke <vl@samba.org>
    Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/lib/tevent/tevent_poll.c b/lib/tevent/tevent_poll.c
index c6e2a00..75d0ced 100644
--- a/lib/tevent/tevent_poll.c
+++ b/lib/tevent/tevent_poll.c
@@ -546,7 +546,7 @@ static int poll_event_loop_poll(struct tevent_context *ev,
           the handler to remove itself when called */
        for (fde = ev->fd_events; fde; fde = fde->next) {
-               unsigned idx = fde->additional_flags;
+               uint64_t idx = fde->additional_flags;
                struct pollfd *pfd;
                uint16_t flags = 0;

Comment 7 Amith 2013-10-25 14:09:26 UTC
Verified the bug on libtevent version: libtevent-0.9.18-3.el6

Sanity tests passed and no related regression detected.

Comment 9 errata-xmlrpc 2013-11-21 05:42:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.