From: Sami Kerola <kerolasa@iki.fi>
Date: Sat, 8 Aug 2020 18:45:30 +0000 (+0100)
Subject: unshare: fix bad bit shift operation [coverity scan]
X-Git-Tag: v2.37-rc1~417
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=232fcae81c8fe9128485cd3b070e3e231993b51b;p=thirdparty%2Futil-linux.git

unshare: fix bad bit shift operation [coverity scan]

Variable cap was 32 bits and shifting it by 64 bits resulted to the shift
going over a variable boundary.

CID: 360799
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/sys-utils/unshare.c b/sys-utils/unshare.c
index 47c468d79a..cd5fe68f8c 100644
--- a/sys-utils/unshare.c
+++ b/sys-utils/unshare.c
@@ -675,8 +675,7 @@ int main(int argc, char *argv[])
 		};
 
 		struct __user_cap_data_struct payload[_LINUX_CAPABILITY_U32S_3] = {{ 0 }};
-		int cap;
-		uint64_t effective;
+		uint64_t effective, cap;
 
 		if (capget(&header, payload) < 0)
 			err(EXIT_FAILURE, _("capget failed"));
@@ -691,10 +690,10 @@ int main(int argc, char *argv[])
 
 		effective = ((uint64_t)payload[1].effective << 32) |  (uint64_t)payload[0].effective;
 
-		for (cap = 0; cap < 64; cap++) {
+		for (cap = 0; cap < (sizeof(effective) * 8); cap++) {
 			/* This is the same check as cap_valid(), but using
 			 * the runtime value for the last valid cap. */
-			if (cap > cap_last_cap())
+			if (cap > (uint64_t) cap_last_cap())
 				continue;
 
 			if ((effective & (1 << cap))