Dominique Pellé wrote:

> Hi
>
> I ran "make test" with vim-7.3.712 compiled with IOC
> (http://embed.cs.utah.edu/ioc/), a tool that detects integer
> overflows, which behave in an undefined way according to
> the C standard. Only unsigned integer is guaranteed to
> behave in a predictable way. IOC found a few bugs:
>
> CLANG ARITHMETIC UNDEFINED at <hashtab.c, (179:25)> : Op: +, Reason :
> Signed Addition Overflow, BINARY OPERATION: left (int32): 2140052020
> right (int32): 1608754829
>
> CLANG ARITHMETIC UNDEFINED at <misc2.c, (4005:36)> : Op: *, Reason :
> Signed Multiplication Overflow, BINARY OPERATION: left (int32): 64087
> right (int32): 64086CLANG ARITHMETIC UNDEFINED at <misc2.c, (3981:6)>
> : Op: *, Reason : Signed Multiplication Overflow, BINARY OPERATION:
> left (
>
> CLANG ARITHMETIC UNDEFINED at <misc2.c, (3981:6)> : Op: *, Reason :
> Signed Multiplication Overflow, BINARY OPERATION: left (int32): 64087
> right (int32): 64086
>
> Attached patch fixes them.
>
> There is one more undefined behavior operation (float divide by 0 which is
> also undefined in C). Fixing it would require to use the INFINITY macro I think
> but it's a C99 macro and Vim needs to compile on older compilers so I
> did not fix it:
>
> CLANG ARITHMETIC UNDEFINED at <eval.c, (4901:15)> : Op: /, Reason :
> Floating Division: Divisor is 0, BINARY OPERATION: left (double):
> 1.000000 right (double): 0.000000
>
> It could be fixed by checking for INFINITY in autoconf.
>
> There might be more of such bugs: IOC is a runtime checker so it only
> checked what was executed while running "make test".
>
> Regards
> -- Dominique

Attached is an updated patch to fix one more undefined signed integer
overflow at hashtab.c:457.

Regards
-- Dominique

fixed-undefined-int-overflows-7.3.712.patch2
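
As an added illustration (not part of the thread and not the code in the attached patch), the C sketch below shows two common ways to deal with the kind of signed overflow IOC reported: testing the operands before the operation, and doing the arithmetic in unsigned types where wraparound is defined. The function names are hypothetical, it uses only pre-C99 constructs, and it assumes a 32-bit `int`; the operand values are the ones from the IOC report above.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical helper: returns 1 if a + b would overflow int.
 * The test runs before the addition, so no undefined behaviour occurs. */
int add_overflows(int a, int b)
{
    if (b > 0)
        return a > INT_MAX - b;
    return a < INT_MIN - b;
}

/* Hypothetical helper: returns 1 if a * b would overflow int.
 * Division is used for the bound so the product is never formed. */
int mul_overflows(int a, int b)
{
    if (a == 0 || b == 0)
        return 0;
    if (a > 0)
        return b > 0 ? a > INT_MAX / b : b < INT_MIN / a;
    return b > 0 ? a < INT_MIN / b : b < INT_MAX / a;
}

/* Unsigned arithmetic wraps modulo 2^N by definition, so these are
 * well defined for every pair of inputs. */
unsigned int wrap_add(int a, int b)
{
    return (unsigned int)a + (unsigned int)b;
}

unsigned int wrap_mul(int a, int b)
{
    return (unsigned int)a * (unsigned int)b;
}

int main(void)
{
    /* Operands copied from the IOC report quoted above. */
    int a = 2140052020, b = 1608754829;
    int c = 64087, d = 64086;

    printf("add overflows: %d, unsigned sum: %u\n",
           add_overflows(a, b), wrap_add(a, b));
    printf("mul overflows: %d, unsigned product: %u\n",
           mul_overflows(c, d), wrap_mul(c, d));
    return 0;
}
```
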
