
Commit 61ac83b

committed
GMP: Gracefully handle more overflows.
1 parent 7b9fdf8 commit 61ac83b


3 files changed

+46
-1
lines changed


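--- a/deps/gmp.mk
+++ b/deps/gmp.mk
@@ -57,7 +57,12 @@ $(SRCCACHE)/gmp-$(GMP_VER)/gmp-CVE-2021-43618.patch-applied: $(SRCCACHE)/gmp-$(G
 patch -p1 < $(SRCDIR)/patches/gmp-CVE-2021-43618.patch
 echo 1 > $@
 
-$(SRCCACHE)/gmp-$(GMP_VER)/source-patched: $(SRCCACHE)/gmp-$(GMP_VER)/gmp-CVE-2021-43618.patch-applied
+$(SRCCACHE)/gmp-$(GMP_VER)/gmp-more_alloc_overflow.patch-applied: $(SRCCACHE)/gmp-$(GMP_VER)/gmp-CVE-2021-43618.patch-applied
+cd $(dir $@) && \
+patch -p1 < $(SRCDIR)/patches/gmp-more_alloc_overflow.patch
+echo 1 > $@
+
+$(SRCCACHE)/gmp-$(GMP_VER)/source-patched: $(SRCCACHE)/gmp-$(GMP_VER)/gmp-more_alloc_overflow.patch-applied
 echo 1 > $@
 
 $(BUILDDIR)/gmp-$(GMP_VER)/build-configured: $(SRCCACHE)/gmp-$(GMP_VER)/source-patched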
Lines changed: 37 additions & 0 deletions
@@ -0,0 +1,37 @@
1+
diff -ur gmp-6.2.1.orig/mpz/n_pow_ui.c gmp-6.2.1/mpz/n_pow_ui.c
2+
--- gmp-6.2.1.orig/mpz/n_pow_ui.c 2023-09-08 11:41:16.620551175 +0200
3+
+++ gmp-6.2.1/mpz/n_pow_ui.c 2023-09-08 12:49:29.650492180 +0200
4+
@@ -220,8 +220,7 @@
5+
umul_ppmm (ovfl, rtwos_bits, e, btwos);
6+
if (ovfl)
7+
{
8+
- fprintf (stderr, "gmp: overflow in mpz type\n");
9+
- abort ();
10+
+ __GMP_ALLOC_OVERFLOW_FUNC ();
11+
}
12+
13+
rtwos_limbs += rtwos_bits / GMP_NUMB_BITS;
14+
@@ -382,8 +381,7 @@
15+
umul_ppmm (ovfl, ralloc, (bsize*GMP_NUMB_BITS - cnt + GMP_NAIL_BITS), e);
16+
if (ovfl)
17+
{
18+
- fprintf (stderr, "gmp: overflow in mpz type\n");
19+
- abort ();
20+
+ __GMP_ALLOC_OVERFLOW_FUNC ();
21+
}
22+
ralloc = ralloc / GMP_NUMB_BITS + 5;
23+
24+
diff -ur gmp-6.2.1.orig/tal-reent.c gmp-6.2.1/tal-reent.c
25+
--- gmp-6.2.1.orig/tal-reent.c 2020-11-14 19:45:09.000000000 +0100
26+
+++ gmp-6.2.1/tal-reent.c 2023-09-08 12:10:34.061357613 +0200
27+
@@ -61,6 +61,11 @@
28+
29+
total_size = size + HSIZ;
30+
p = __GMP_ALLOCATE_FUNC_TYPE (total_size, char);
31+
+ if (!p)
32+
+ {
33+
+ __GMP_ALLOC_OVERFLOW_FUNC ();
34+
+ }
35+
P->size = total_size;
36+
P->next = *markp;
37+
*markp = P;
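Review bot: All three patched sites fall through into the following statement if `__GMP_ALLOC_OVERFLOW_FUNC ()` ever returns. The removed code ended in `abort ()`, whereas now `rtwos_limbs` and `ralloc` in n_pow_ui.c would be derived from a wrapped product, and in tal-reent.c `P->size = total_size` would write through a null `p`. The handler's definition is not part of this patch, so its non-returning contract should be stated at each call, e.g. `/* handler must not return (throws or aborts) */`, or backed by a trailing `abort ();` as a fallback. Separately, `total_size = size + HSIZ` in tal-reent.c is still computed with no wrap check before the allocation, so a wrapped size could yield a small non-null block that the new `if (!p)` test does not catch. The enclosing functions start and end outside the quoted hunks.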

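--- a/test/gmp.jl
+++ b/test/gmp.jl
@@ -11,6 +11,9 @@ ee = typemax(Int64)
 @test BigInt <: Signed
 @test big(1) isa Signed
 
+@test_throws OutOfMemoryError big(96608869069402268615522366320733234710)^16374500563449903721
+@test_throws OutOfMemoryError 555555555555555555555555555555555555555555555555555^55555555555555555
+
 let x = big(1)
 @test signed(x) === x
 @test convert(Signed, x) === x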
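Review bot: The two added `@test_throws OutOfMemoryError` lines carry no comment saying which patched overflow site each one is meant to reach, so a later reader cannot tell what a failure here means. A short comment above them would help, e.g. `# exponent-size overflow in mpz n_pow_ui must surface as OutOfMemoryError, not abort the process`. Both exponents exceed 32 bits, so on a platform with a 32-bit C `unsigned long` the power may presumably be rejected before GMP is called and raise a different exception type; confirm against the 32-bit and Windows CI targets. Nothing in this section exercises the new null check in tal-reent.c.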
