[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #64301] [troff] susceptible to integer overflow
From: |
G. Branden Robinson |
Subject: |
[bug #64301] [troff] susceptible to integer overflow |
Date: |
Fri, 19 Jul 2024 15:15:33 -0400 (EDT) |
Update of bug #64301 (group groff):
Status: In Progress => Fixed
Open/Closed: Open => Closed
Planned Release: None => 1.24.0
_______________________________________________________
Follow-up Comment #5:
commit 5f608c758ffc1558fd4d07f387a3559bd6b95af5
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Fri Jul 19 13:53:40 2024 -0500
Add test of *roff arithmetic.
* src/roff/groff/tests/arithmetic-works.sh: Do it.
* src/roff/groff/groff.am (groff_TESTS): Run test.
commit 7570fbf57040df6320709263803ba98fe8a41719
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Thu Jul 18 22:03:19 2024 -0500
[troff]: Fix Savannah #64301 (15/15).
* src/roff/troff/number.cpp (is_valid_term): When negating a term,
remove manual detection of negation of `INT_MIN` (guaranteed to
overflow in a two's complement representation), relying on `ckd_mul()`
to indicate it.
Fixes <https://savannah.gnu.org/bugs/?64301>. You have to compile GNU
troff with the (GCC) compiler option `-ftrapv` for arithmetic to trap
and cause a core dump.
commit 7a7c693db3974c22bde0492f0a333a1a051b4b5f
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Thu Jul 18 21:54:54 2024 -0500
[troff]: Fix Savannah #64301 (14/15).
* src/roff/troff/number.cpp (is_valid_term): When applying the *roff `|`
boundary-relative motion operator, remove manual detection of
overflow, relying on `ckd_sub()` to indicate it, and store result to
temporary variable in case it overflows and must be discarded.
Otherwise, copy temporary to the storage for the term being
interpreted.
commit b4f9d7010d10703df99770db0e4d91fa57422d38
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 18:02:24 2024 -0500
[troff]: Fix Savannah #64301 (13/15).
* src/roff/troff/number.cpp (is_valid_term): When parsing integer
literals, remove manual detection of overflow, relying on `ckd_mul()`
and `ckd_add()` to indicate it. When an overflowing literal is
encountered, skip excess digits. This is a behavior change, albeit an
esoteric one; evaluation of a numeric term no longer aborts in this
scenario.
commit f3a331e907f7824a7edff025bed21fb2110a2860
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 12:10:47 2024 -0500
[troff]: Fix Savannah #64301 (12/15).
* src/roff/troff/number.cpp (get_hunits): Use `ckd_add()` (with
temporary variable, annotating why) instead of primitive operation,
and throw error diagnostic if arithmetic wraps.
commit 277152bb27731d6672b28a9c51f28ff2cda931b0
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 10:46:28 2024 -0500
[troff]: Fix Savannah #64301 (11/15).
* src/roff/troff/hvunits.h (hunits operator +): Use `ckd_add()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit baadf5f03bfacec08e34ef2e0263f2de8bd1f2ef
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 10:41:34 2024 -0500
[troff]: Fix Savannah #64301 (10/15).
* src/roff/troff/hvunits.h (hunits operator -): Use `ckd_sub()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit ba57af884546e75fa28c6769abfd4d2fd286f27b
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 10:07:51 2024 -0500
[troff]: Fix Savannah #64301 (9/15).
* src/roff/troff/hvunits.h (hunits operator *): Use `ckd_mul()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit 870f3a6e69b51eec85bb8383002b6134fec2dd83
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 10:21:16 2024 -0500
[troff]: Fix Savannah #64301 (8/15).
* src/roff/troff/hvunits.h (hunits::to_units): Use `ckd_mul()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit 40d51279673ac09f05285cf6cd8818a833eca117
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 09:59:55 2024 -0500
[troff]: Fix Savannah #64301 (7/15).
* src/roff/troff/number.cpp (get_vunits): Use `ckd_add()` (with
temporary variable, annotating why) instead of primitive operation,
and throw error diagnostic if arithmetic wraps.
commit cd6f015058e8bb41cbc06141acd364d6dfc5ecc7
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 09:54:05 2024 -0500
[troff]: Fix Savannah #64301 (6/15).
* src/roff/troff/hvunits.h (vunits operator *): Use `ckd_mul()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit 5565799763b22ff9b9f9f27bbb0ac3f9bd76b895
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 09:51:19 2024 -0500
[troff]: Fix Savannah #64301 (5/15).
* src/roff/troff/hvunits.h (vunits operator +): Use `ckd_add()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit 4d90e3b1097c98c39b3b778384d255af69014709
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 09:49:57 2024 -0500
[troff]: Fix Savannah #64301 (4/15).
* src/roff/troff/hvunits.h (vunits::to_units): Use `ckd_mul()` instead
of primitive operation, and throw error diagnostic if arithmetic
wraps.
commit 64f649db296577d3c20657c1d7f863aa2b63ce60
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 10:28:38 2024 -0500
[troff]: Fix Savannah #64301 (3/15).
* src/roff/troff/hvunits.h: Include `config.h` and `stdckdint.h`
headers.
(vunits operator -): Use `ckd_sub()` instead of primitive operation,
and throw error diagnostic if arithmetic wraps.
commit e0f26fa73f6e7628f84e4ad5abe4fd643ad836af
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 09:45:24 2024 -0500
[troff]: Fix Savannah #64301 (2/15).
* src/roff/troff/number.cpp: Include `config.h` and `stdckdint.h`
headers.
(get_number, get_integer, is_valid_expression): Use `ckd_add()`,
`ckd_sub()`, and `ckd_mul()` instead of primitive operations, and
throw error diagnostic if arithmetic wraps.
(is_valid_expression): Remove manual detection of overflow.
commit b12e14107a71e244c614328e82f24dddc194bd58
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Mon Jul 15 09:44:55 2024 -0500
[troff]: Fix Savannah #64301 (1/15).
[troff]: Prevent traps on overflowing integer arithmetic.
* bootstrap.conf: Add "stdckdint" to `gnulib_modules`.
Also fix whitespace nit and add editor aid comments.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?64301>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
- [bug #64301] [troff] susceptible to integer overflow, G. Branden Robinson, 2024/07/14
- Message not available
- Message not available
- Message not available
- [bug #64301] [troff] susceptible to integer overflow, G. Branden Robinson, 2024/07/15
- Re: [bug #64301] [troff] susceptible to integer overflow, Collin Funk, 2024/07/15
- Re: [bug #64301] [troff] susceptible to integer overflow, G. Branden Robinson, 2024/07/16
- Re: [bug #64301] [troff] susceptible to integer overflow, Colin Watson, 2024/07/16
- Re: [bug #64301] [troff] susceptible to integer overflow, Collin Funk, 2024/07/16
Message not available
- Message not available
- Message not available
- [bug #64301] [troff] susceptible to integer overflow,
G. Branden Robinson <=
Message not available
Message not available
Message not available
Message not available