bug-groff
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #64301] [troff] susceptible to integer overflow


From: G. Branden Robinson
Subject: [bug #64301] [troff] susceptible to integer overflow
Date: Fri, 19 Jul 2024 15:15:33 -0400 (EDT)

Update of bug #64301 (group groff):

                  Status:             In Progress => Fixed                  
             Open/Closed:                    Open => Closed                 
         Planned Release:                    None => 1.24.0                 

    _______________________________________________________

Follow-up Comment #5:


commit 5f608c758ffc1558fd4d07f387a3559bd6b95af5
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Fri Jul 19 13:53:40 2024 -0500

    Add test of *roff arithmetic.
    
    * src/roff/groff/tests/arithmetic-works.sh: Do it.
    * src/roff/groff/groff.am (groff_TESTS): Run test.

commit 7570fbf57040df6320709263803ba98fe8a41719
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Thu Jul 18 22:03:19 2024 -0500

    [troff]: Fix Savannah #64301 (15/15).
    
    * src/roff/troff/number.cpp (is_valid_term): When negating a term,
      remove manual detection of negation of `INT_MIN` (guaranteed to
      overflow in a two's complement representation), relying on `ckd_mul()`
      to indicate it.
    
    Fixes <https://savannah.gnu.org/bugs/?64301>.  You have to compile GNU
    troff with the (GCC) compiler option `-ftrapv` for arithmetic to trap
    and cause a core dump.

commit 7a7c693db3974c22bde0492f0a333a1a051b4b5f
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Thu Jul 18 21:54:54 2024 -0500

    [troff]: Fix Savannah #64301 (14/15).
    
    * src/roff/troff/number.cpp (is_valid_term): When applying the *roff `|`
      boundary-relative motion operator, remove manual detection of
      overflow, relying on `ckd_sub()` to indicate it, and store result to
      temporary variable in case it overflows and must be discarded.
      Otherwise, copy temporary to the storage for the term being
      interpreted.

commit b4f9d7010d10703df99770db0e4d91fa57422d38
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 18:02:24 2024 -0500

    [troff]: Fix Savannah #64301 (13/15).
    
    * src/roff/troff/number.cpp (is_valid_term): When parsing integer
      literals, remove manual detection of overflow, relying on `ckd_mul()`
      and `ckd_add()` to indicate it.  When an overflowing literal is
      encountered, skip excess digits.  This is a behavior change, albeit an
      esoteric one; evaluation of a numeric term no longer aborts in this
      scenario.

commit f3a331e907f7824a7edff025bed21fb2110a2860
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 12:10:47 2024 -0500

    [troff]: Fix Savannah #64301 (12/15).
    
    * src/roff/troff/number.cpp (get_hunits): Use `ckd_add()` (with
      temporary variable, annotating why) instead of primitive operation,
      and throw error diagnostic if arithmetic wraps.

commit 277152bb27731d6672b28a9c51f28ff2cda931b0
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 10:46:28 2024 -0500

    [troff]: Fix Savannah #64301 (11/15).
    
    * src/roff/troff/hvunits.h (hunits operator +): Use `ckd_add()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit baadf5f03bfacec08e34ef2e0263f2de8bd1f2ef
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 10:41:34 2024 -0500

    [troff]: Fix Savannah #64301 (10/15).
    
    * src/roff/troff/hvunits.h (hunits operator -): Use `ckd_sub()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit ba57af884546e75fa28c6769abfd4d2fd286f27b
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 10:07:51 2024 -0500

    [troff]: Fix Savannah #64301 (9/15).
    
    * src/roff/troff/hvunits.h (hunits operator *): Use `ckd_mul()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit 870f3a6e69b51eec85bb8383002b6134fec2dd83
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 10:21:16 2024 -0500

    [troff]: Fix Savannah #64301 (8/15).
    
    * src/roff/troff/hvunits.h (hunits::to_units): Use `ckd_mul()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit 40d51279673ac09f05285cf6cd8818a833eca117
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 09:59:55 2024 -0500

    [troff]: Fix Savannah #64301 (7/15).
    
    * src/roff/troff/number.cpp (get_vunits): Use `ckd_add()` (with
      temporary variable, annotating why) instead of primitive operation,
      and throw error diagnostic if arithmetic wraps.

commit cd6f015058e8bb41cbc06141acd364d6dfc5ecc7
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 09:54:05 2024 -0500

    [troff]: Fix Savannah #64301 (6/15).
    
    * src/roff/troff/hvunits.h (vunits operator *): Use `ckd_mul()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit 5565799763b22ff9b9f9f27bbb0ac3f9bd76b895
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 09:51:19 2024 -0500

    [troff]: Fix Savannah #64301 (5/15).
    
    * src/roff/troff/hvunits.h (vunits operator +): Use `ckd_add()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit 4d90e3b1097c98c39b3b778384d255af69014709
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 09:49:57 2024 -0500

    [troff]: Fix Savannah #64301 (4/15).
    
    * src/roff/troff/hvunits.h (vunits::to_units): Use `ckd_mul()` instead
      of primitive operation, and throw error diagnostic if arithmetic
      wraps.

commit 64f649db296577d3c20657c1d7f863aa2b63ce60
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 10:28:38 2024 -0500

    [troff]: Fix Savannah #64301 (3/15).
    
    * src/roff/troff/hvunits.h: Include `config.h` and `stdckdint.h`
      headers.
    
      (vunits operator -): Use `ckd_sub()` instead of primitive operation,
      and throw error diagnostic if arithmetic wraps.

commit e0f26fa73f6e7628f84e4ad5abe4fd643ad836af
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 09:45:24 2024 -0500

    [troff]: Fix Savannah #64301 (2/15).
    
    * src/roff/troff/number.cpp: Include `config.h` and `stdckdint.h`
      headers.
    
      (get_number, get_integer, is_valid_expression): Use `ckd_add()`,
      `ckd_sub()`, and `ckd_mul()` instead of primitive operations, and
      throw error diagnostic if arithmetic wraps.
    
      (is_valid_expression): Remove manual detection of overflow.

commit b12e14107a71e244c614328e82f24dddc194bd58
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date:   Mon Jul 15 09:44:55 2024 -0500

    [troff]: Fix Savannah #64301 (1/15).
    
    [troff]: Prevent traps on overflowing integer arithmetic.
    
    * bootstrap.conf: Add "stdckdint" to `gnulib_modules`.
    
    Also fix whitespace nit and add editor aid comments.




    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?64301>

_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]