From 9cc7662cffb22832a8020868c5ec8caf42ab5f8b Mon Sep 17 00:00:00 2001
From: loveyoug <153321594+loveyoug@users.noreply.github.com>
Date: Sat, 9 Dec 2023 01:11:39 +0500
Subject: [PATCH 1/2] Create SECURITY.MDLP9 Love
---
 SECURITY.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 SECURITY.md
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..034e8480
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | :white_check_mark: |
+| 5.0.x | :x: |
+| 4.0.x | :white_check_mark: |
+| < 4.0 | :x: |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
From 03e346db20a719b13c96eb6f4f5f30e1ebc4d3ad Mon Sep 17 00:00:00 2001
From: Kuan-Wei Chiu
Date: Sun, 21 Jul 2024 00:52:59 +0800
Subject: [PATCH 2/2] Fix signed integer overflow by casting to uint32_t Fixed an issue in arenaAllocator.hpp where left shifting 1 by more than the size of a signed integer caused undefined behavior due to signed integer overflow. The macro MSB_SET has been updated to cast 1 to uint32_t before performing the left shift, ensuring the operation is safe and defined.
---
 src/uTensor/allocators/arenaAllocator.hpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/uTensor/allocators/arenaAllocator.hpp b/src/uTensor/allocators/arenaAllocator.hpp
index 58433fd5..1c16c1c7 100644
--- a/src/uTensor/allocators/arenaAllocator.hpp
+++ b/src/uTensor/allocators/arenaAllocator.hpp
@@ -13,7 +13,7 @@ namespace uTensor {
 //#define MSB_SET ~( ~( (T)0 ) >> 1 )
-#define MSB_SET (1 << (sizeof(uint32_t) * 8 - 1))
+#define MSB_SET ((uint32_t)1 << (sizeof(uint32_t) * 8 - 1))
 #define BLOCK_INACTIVE ~MSB_SET
 #define BLOCK_LENGTH_MASK ~MSB_SET
 #define BLOCK_ACTIVE MSB_SET
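Review bot: The cast on the new `MSB_SET` line changes the macro's type from `int` to `uint32_t`, and `BLOCK_INACTIVE`, `BLOCK_LENGTH_MASK` and `BLOCK_ACTIVE` below it inherit that type with nothing in the header saying which word they are meant to be applied to. If the block-header field these masks are used on is wider than 32 bits (its declaration is outside this hunk), `BLOCK_ACTIVE` now zero-extends where the old `int` value would in practice have sign-extended, so the call sites deserve a check; a comment above the macros such as `// 32-bit block header: bit 31 = active flag, bits 0-30 = length` would pin what is presumably the intended layout. The two derived masks are still bare `~MSB_SET`; `#define BLOCK_LENGTH_MASK (~MSB_SET)` and `#define BLOCK_INACTIVE (~MSB_SET)` keep them safe in any expression context. In a C++ header `static_cast<uint32_t>(1)` reads better than the C-style cast.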