libziparchive: add integer checks

The code in libziparchive has lots of questionable looking but not obviously wrong integer operations. In order to shake out integer bugs in libziparchive (for example, commit 1ee4892e66 from bug 31251826) and provide protection against security bugs, enable some integer sanitization options in libziparchive. Bug: 122975762 Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=941802 Test: device boots and no obvious problems. Change-Id: I215d81892a6eff12d692648c69a03e8200b334d7
2019-03-20 13:04:02 -07:00 · 2019-03-20 13:04:02 -07:00 · 30dec070dd
commit 30dec070dd
parent b4ef0beb99
1 changed files with 13 additions and 0 deletions
--- a/libziparchive/Android.bp
+++ b/libziparchive/Android.bp
@ -38,6 +38,19 @@ cc_defaults {
            ],
        },
    },
+    sanitize: {
+        misc_undefined: [
+            "signed-integer-overflow",
+            "unsigned-integer-overflow",
+            "shift",
+            "integer-divide-by-zero",
+            "implicit-signed-integer-truncation",
+            // TODO: Fix crash when we enable this option
+            // "implicit-unsigned-integer-truncation",
+            // TODO: not tested yet.
+            // "implicit-integer-sign-change",
+        ],
+    },
 }

 cc_defaults {