Skip to content

Fix possible integer overflow #555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 5, 2023
Merged

Fix possible integer overflow #555

merged 2 commits into from
Sep 5, 2023

Conversation

@sjaeckel
Copy link
Member

@sjaeckel sjaeckel commented Jun 1, 2023

This is #546 but on develop.

@sjaeckel sjaeckel requested a review from czurnieden June 1, 2023 12:14
@sjaeckel sjaeckel force-pushed the port-546-to-develop branch from 7eadb47 to 4ca2f5d Compare June 1, 2023 12:23
@sjaeckel
Copy link
Member Author

sjaeckel commented Jun 1, 2023

Wat?

https://github.com/libtom/libtommath/actions/runs/5144260217/jobs/9260336791?pr=555#step:4:333

demo/test.c:1112:13: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself

Do I understand this correctly that s_mp_rand_jenkins() created the only value that can't be converted with abs()? :D

@czurnieden
Copy link
Contributor

Do I understand this correctly that s_mp_rand_jenkins() created the only value that can't be converted with abs()?

Yes, it is a good boy^WPRNG.
Only bad for us ;-)

Found it at three places in test.c , so it isn't that bad.
Do you want to put a note in the documentation/github-wiki for the developers-to-come?

@sjaeckel
Copy link
Member Author

sjaeckel commented Jun 1, 2023

I just thought whether it'd be good to add runtime checks&fixups to the rand_xx() functions like if (x == xx_MIN) x++;!?

@czurnieden
Copy link
Contributor

I just thought whether it'd be good to add runtime checks&fixups to the rand_xx() functions like if (x == xx_MIN) x++;!?

Changing the output of a PRNG is always *hng* for me but is probably the easiest.

How about offering unsigned variations of rand_xx()? Would make abs() obsolete.

@sjaeckel
Copy link
Member Author

sjaeckel commented Jun 1, 2023

How about offering unsigned variations of rand_xx()? Would make abs() obsolete.

absolutely!

@czurnieden
Copy link
Contributor

absolutely!

Alhaalta ylös! ;-)

Copy&paste a check into every single rand_xx or C&P the whole stick and C&P some unsigneds and us in front of the types?
But to be honest: it's the test environment, it must be correct, not shiny! Whatever is less work: I'll let it through on the nod.

@czurnieden @sjaeckel
Fix possible integer overflow
be78ab9 
(cherry picked from commit beba892)
@sjaeckel sjaeckel force-pushed the port-546-to-develop branch from 4ca2f5d to be78ab9 Compare September 5, 2023 05:15
sjaeckel added a commit that referenced this pull request Sep 5, 2023
@sjaeckel
Prevent potential runtime-error in tests
69b30b1 
`abs()` can only convert `INT_MIN-1 .. -1` to a positive `int`.
Nothing prevents the PRNG to create `INT_MIN` which then leads to a failure
of the call to `abs()` as seen in [0].
Instead add an unsigned version of the function reading from the PRNG,
so we also don't need to make an absolute value from it.

[0] #555 (comment)

```
demo/test.c:1112:13: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
```

Signed-off-by: Steffen Jaeckel <[email protected]>
sjaeckel added a commit that referenced this pull request Sep 5, 2023
@sjaeckel
Prevent potential runtime-error in tests
11f1acd 
`abs()` can only convert `INT_MIN-1 .. -1` to a positive `int`.
Nothing prevents the PRNG to create `INT_MIN` which then leads to a failure
of the call to `abs()` as seen in [0].
Instead add an unsigned version of the function reading from the PRNG,
so we also don't need to make an absolute value from it.

[0] #555 (comment)

```
demo/test.c:1112:13: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
```

Signed-off-by: Steffen Jaeckel <[email protected]>
@sjaeckel sjaeckel force-pushed the port-546-to-develop branch from 69b30b1 to 11f1acd Compare September 5, 2023 05:47
@sjaeckel
Prevent potential runtime-error in tests
6175cca 
`abs()` can only convert `INT_MIN-1 .. -1` to a positive `int`.
Nothing prevents the PRNG to create `INT_MIN` which then leads to a failure
of the call to `abs()` as seen in [0].
Instead add an unsigned version of the function reading from the PRNG,
so we also don't need to make an absolute value from it.

[0] #555 (comment)

```
demo/test.c:1112:13: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
```

Signed-off-by: Steffen Jaeckel <[email protected]>
@sjaeckel sjaeckel force-pushed the port-546-to-develop branch from 11f1acd to 6175cca Compare September 5, 2023 14:17
@sjaeckel
Copy link
Member Author

sjaeckel commented Sep 5, 2023

In a next step we should follow up on #430 ff.

@sjaeckel sjaeckel merged commit 65c1256 into develop Sep 5, 2023
@sjaeckel sjaeckel deleted the port-546-to-develop branch September 5, 2023 14:27
@sjaeckel sjaeckel added the bug label Sep 6, 2023
@sjaeckel sjaeckel added this to the v2.0.0 milestone Mar 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@czurnieden czurnieden Awaiting requested review from czurnieden

Assignees

No one assigned

Labels

bug

Projects

None yet

Milestone

v2.0.0

Development

Successfully merging this pull request may close these issues.

2 participants

@sjaeckel @czurnieden