maxmustermann/dogecoin
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge #18413: script: prevent UB when computing abs value for num opcode serialize

Browse source 
2748e87932 script: prevent UB when computing abs value for num opcode serialize (pierrenn)

Pull request description:

  This was reported by practicalswift here #18046

  It seems that the original author of the line used a reference to glibc `abs`: https://github.com/lattera/glibc/blob/master/stdlib/abs.c

  However depending on some implementation details this can be undefined behavior for unusual values.

  A detailed explanation of the UB is provided here : https://stackoverflow.com/questions/17313579/is-there-a-safe-way-to-get-the-unsigned-absolute-value-of-a-signed-integer-with (by [Billy O'Neal](https://twitter.com/malwareminigun))

  Simple relevant godbolt example :  https://godbolt.org/z/yRwtCG

  Thanks!

ACKs for top commit:
  sipa:
    ACK 2748e87932
  MarcoFalke:
    ACK 2748e87932, only checked that the bitcoind binary does not change with clang -O2 🎓
  practicalswift:
    ACK 2748e87932

Tree-SHA512: 539a34c636c2674c66cb6e707d9d0dfdce63f59b5525610ed88da10c9a8d59d81466b111ad63b850660cef3750d732fc7755530c81a2d61f396be0707cd86dec
This commit is contained in:
fanquake 2020-05-02 20:52:15 +08:00
parent 844d2070a2 2748e87932
commit 68ef9523d1
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
3 changed files with 3 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/script/script.h
View file

@ -329,7 +329,7 @@ public:
std::vector<unsigned char> result;
const bool neg = value < 0;
uint64_t absvalue = neg ? -value : value;
uint64_t absvalue = neg ? ~static_cast<uint64_t>(value) + 1 : static_cast<uint64_t>(value);
while(absvalue)
{

6
src/test/fuzz/integer.cpp
View file

@ -148,11 +148,7 @@ void test_one_input(const std::vector<uint8_t>& buffer)
const CScriptNum script_num{i64};
(void)script_num.getint();
// Avoid negation failure:
// script/script.h:332:35: runtime error: negation of -9223372036854775808 cannot be represented in type 'int64_t' (aka 'long'); cast to an unsigned type to negate this value to itself
if (script_num != CScriptNum{std::numeric_limits<int64_t>::min()}) {
(void)script_num.getvch();
}
(void)script_num.getvch();
const arith_uint256 au256 = UintToArith256(u256);
assert(ArithToUint256(au256) == u256);

6
src/test/fuzz/scriptnum_ops.cpp
View file

@ -129,10 +129,6 @@ void test_one_input(const std::vector<uint8_t>& buffer)
break;
}
(void)script_num.getint();
// Avoid negation failure:
// script/script.h:332:35: runtime error: negation of -9223372036854775808 cannot be represented in type 'int64_t' (aka 'long'); cast to an unsigned type to negate this value to itself
if (script_num != CScriptNum{std::numeric_limits<int64_t>::min()}) {
(void)script_num.getvch();
}
(void)script_num.getvch();
}
}