[tor-bugs] #19168 [Core Tor/Tor]: Integer overflows in case conversion tables
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 25 13:59:39 UTC 2016
#19168: Integer overflows in case conversion tables
--------------------------+------------------------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Changes (by nickm):
* status: needs_review => needs_revision
* milestone: => Tor: 0.2.9.x-final
Comment:
From what I can tell from the C standard, "integer overflow" means integer
operations that produce a result that can't be represented in the
arithmetic type; it doesn't refer to the conversion that an ordinary cast
or assignment. The results of '''conversion''' from an unsigned value to a
signed type that can't hold that value is implementation-defined, not
undefined. See 6.3.1.3 from http://www.open-
std.org/jtc1/sc22/wg14/www/docs/n1570.pdf , and similar language in
earlier versions of C.
(Also, minor note: 'char' is not the same as 'signed char' or 'unsigned
char'; the signedness of char is also implementation-defined.)
Unless I'm super-wrong here, I'd plan to close this as wontfix?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19168#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list