[tor-bugs] #13104 [Tor]: [patch] Arithmetic undef behaviour: sscanf, memeq, scale array, fmt exit status
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 10 02:25:55 UTC 2014
#13104: [patch] Arithmetic undef behaviour: sscanf, memeq, scale array, fmt exit
status
------------------------+-------------------------------------
Reporter: teor | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version: Tor: 0.2.5.5-alpha
Resolution: | Keywords: tor-router 025-backport
Actual Points: | Parent ID:
Points: |
------------------------+-------------------------------------
Comment (by teor):
Yes, you're right, unsigned integer underflow is defined in C11 as modulo
(UINT_TYPE_MAX + 1):
6.3.1.3, paragraph 2 [ISO/IEC 9899:2011]:
Otherwise, if the new type is unsigned, the value is converted by
repeatedly adding or subtracting one more than the maximum value that can
be represented in the new type until the value is in the range of the new
type.
I think this was probably a build configuration issue on my end. It looks
like I managed to slip in -fsanitize=unsigned-integer-overflow in my tests
on di_ops.c, then remove it again shortly afterwards. I can't reproduce
the same error with the original code and my current build flags.
I'm sorry about that, I'll replace the di_ops patch with one that simply
adds the new tests, and doesn't change any tor code.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13104#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list