Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: Two issues found with -fsanitize=undefined

X-seq: zsh-workers 36559
From: Peter Stephenson <p.w.stephenson@xxxxxxxxxxxx>
To: Markus Trippelsdorf <markus@xxxxxxxxxxxxxxx>
Subject: Re: Two issues found with -fsanitize=undefined
Date: Sat, 19 Sep 2015 20:57:51 +0100
Cc: zsh-workers@xxxxxxx
In-reply-to: <20150917075759.GA24365@x4>
List-help: <mailto:zsh-workers-help@zsh.org>
List-id: Zsh Workers List <zsh-workers.zsh.org>
List-post: <mailto:zsh-workers@zsh.org>
Mailing-list: contact zsh-workers-help@xxxxxxx; run by ezmlm
References: <20150917075759.GA24365@x4>

On Thu, 17 Sep 2015 09:57:59 +0200
Markus Trippelsdorf <markus@xxxxxxxxxxxxxxx> wrote:
> 1)
>  pattern.c:2645:12: runtime error: signed integer overflow: 1234567890123456789 * 10 cannot be represented in type 'long int'
> Test ./D02glob.ztst failed: error output differs from expected as shown above for:

This might shut the compiler up, although the existing code should do
the right thing anyway.  I don't have gcc 5.

pws

diff --git a/Src/pattern.c b/Src/pattern.c
index 3b55ccf..af56bd9 100644
--- a/Src/pattern.c
+++ b/Src/pattern.c
@@ -220,8 +220,10 @@ typedef union upat *Upat;
 #if defined(ZSH_64_BIT_TYPE) || defined(LONG_IS_64_BIT)
 typedef zlong zrange_t;
 #define ZRANGE_T_IS_SIGNED	(1)
+#define ZRANGE_MAX ZLONG_MAX
 #else
 typedef unsigned long zrange_t;
+#define ZRANGE_MAX ULONG_MAX
 #endif
 
 #ifdef MULTIBYTE_SUPPORT
@@ -2641,19 +2643,30 @@ patmatch(Upat prog)
 	    start = compend = patinput;
 	    comp = 0;
 	    while (patinput < patinend && idigit(*patinput)) {
-		if (comp)
-		    comp *= 10;
-		comp += *patinput - '0';
+		int out_of_range = 0;
+		int digit = *patinput - '0';
+		if (comp > ZRANGE_MAX / (zlong)10) {
+		    out_of_range = 1;
+		} else {
+		    zrange_t c10 = comp ? comp * 10 : 0;
+		    if (ZRANGE_MAX - c10 < digit) {
+			out_of_range = 1;
+		    } else {
+			comp = c10;
+			comp += digit;
+		    }
+		}
 		patinput++;
 		compend++;
 
-		if (comp & ((zrange_t)1 << (sizeof(comp)*8 -
+		if (out_of_range ||
+		    (comp & ((zrange_t)1 << (sizeof(comp)*8 -
 #ifdef ZRANGE_T_IS_SIGNED
 					    2
 #else
 					    1
 #endif
-				))) {
+				)))) {
 		    /*
 		     * Out of range (allowing for signedness, which
 		     * we need if we are using zlongs).
diff --git a/Src/zsh.h b/Src/zsh.h
index 4e2cb65..9c7e5d9 100644
--- a/Src/zsh.h
+++ b/Src/zsh.h
@@ -36,6 +36,12 @@
  */
 #ifdef ZSH_64_BIT_TYPE
 typedef ZSH_64_BIT_TYPE zlong;
+#if defind(ZLONG_IS_LONG_LONG) && defined(LLONG_MAX)
+#define ZLONG_MAX LLONG_MAX
+#else
+/* umm... */
+#define  ZLONG_MAX ((zlong)9223372036854775807)
+#endif
 #ifdef ZSH_64_BIT_UTYPE
 typedef ZSH_64_BIT_UTYPE zulong;
 #else
@@ -44,6 +50,7 @@ typedef unsigned zlong zulong;
 #else
 typedef long zlong;
 typedef unsigned long zulong;
+#define ZLONG_MAX LONG_MAX
 #endif
 
 /*

Follow-Ups:
- Re: Two issues found with -fsanitize=undefined
  - From: Peter Stephenson
- Re: Two issues found with -fsanitize=undefined
  - From: Markus Trippelsdorf

References:
- Two issues found with -fsanitize=undefined
  - From: Markus Trippelsdorf

Messages sorted by: Reverse Date, Date, Thread, Author