From 30dec070dd8c5193774f08098dcde7118491017b Mon Sep 17 00:00:00 2001
From: Nick Kralevich
Date: Wed, 20 Mar 2019 13:04:02 -0700
Subject: [PATCH] libziparchive: add integer checks

The code in libziparchive has lots of questionable looking but not obviously wrong integer operations. In order to shake out integer bugs in libziparchive (for example, commit 1ee4892e66ba314131b7ecf17e98bb1762c4b84c from bug 31251826) and provide protection against security bugs, enable some integer sanitization options in libziparchive.

Bug: 122975762
Bug: https://bugs.chromium.org/p/chromium/issues/detail?id=941802
Test: device boots and no obvious problems.
Change-Id: I215d81892a6eff12d692648c69a03e8200b334d7
---
 libziparchive/Android.bp | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/libziparchive/Android.bp b/libziparchive/Android.bp
index 9538bba10..bc1543b9a 100644
--- a/libziparchive/Android.bp
+++ b/libziparchive/Android.bp
@@ -38,6 +38,19 @@ cc_defaults {
 ],
 },
 },
+ sanitize: {
+ misc_undefined: [
+ "signed-integer-overflow",
+ "unsigned-integer-overflow",
+ "shift",
+ "integer-divide-by-zero",
+ "implicit-signed-integer-truncation",
+ // TODO: Fix crash when we enable this option
+ // "implicit-unsigned-integer-truncation",
+ // TODO: not tested yet.
+ // "implicit-integer-sign-change",
+ ],
+ },
 }

 cc_defaults {
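Review bot: The new `sanitize` block adds `"unsigned-integer-overflow"` to `misc_undefined` with only a boot test behind it; unsigned wraparound is well-defined in C++, so any intentional wrap in libziparchive (hash or offset arithmetic, if present) would now abort at runtime instead of pointing at a real bug. Because this library parses untrusted archives, every remaining trap is also an abort reachable from crafted input, which is the right trade against memory corruption but should be exercised by running the libziparchive unit tests and fuzzers under this configuration before relying on it. The block has no `diag: { misc_undefined: [...] }` entry, so as far as I can tell the checks trap without a message; enabling diagnostics on debug builds would make the "Fix crash when we enable this option" TODO much easier to triage. The two TODO comments should carry a tracking bug, e.g. `// TODO(b/<bug-id>): fix crash, then enable "implicit-unsigned-integer-truncation"`. The enclosing `cc_defaults` block begins above the hunk, so whether it also covers host builds is not visible here.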