Undefined behaviour in lodepng_read32bitInt()

[vkoskiv]

Compiler: Apple clang 11.0.0 Compiler flags: -Wall -std=gnu99 -fsanitize=undefined -O0 -g OS: macOS 10.15

I was testing my program with clang's UB sanitizer and got this runtime error:

runtime error: left shift of 242 by 24 places cannot be represented in type 'int'

This happened after invoking lodepng_decode24_file() Let me know if you need additional traces/source image to reproduce.

[lvandeve]

On my system I couldn't reproduce the error with asan, but I can understand why it happens.

I made integers unsigned in commit https://github.com/lvandeve/lodepng/commit/378b01d18ad181bd383f1dd9e0346950a4b141d1

Does this help? If it doesn't help, then I'll try a next thing which is casts of each unsigned char to unsigned.

[vkoskiv]

I applied that patch and it still reports the same issue on my system. (x86_64)

Note how I'm not using the address sanitizer, but rather the undefined behaviour sanitizer in clang.

[lvandeve]

Trying with -fsanitize=undefined and -O0 now, somehow my clang (v8.0.0, latest release on linux) doesn't want to give the same error even when manually shifting various integer types with those values.

More traces or the original file you reproduced it would be helpful, if you still have them.

Thanks :)