Date: Wed, 10 Aug 2011 14:33:35 -0400 From: Rich Felker <dalias@...ifal.cx> To: musl@...ts.openwall.com Subject: Re: New daily reports - nothing On Wed, Aug 10, 2011 at 08:34:46PM +0200, Luka Marčetić wrote: > On 08/10/2011 08:21 PM, Rich Felker wrote: > >On Wed, Aug 10, 2011 at 08:23:37PM +0200, Luka Marčetić wrote: > >>On 08/10/2011 07:33 PM, Rich Felker wrote: > >>>What about SIZE_MAX>>(4*sizeof(size_t))? > >>Never heard of it. What about PTRDIFF_MAX though? > >My point was that SIZE_MAX>>(4*sizeof(size_t)) is an easy way to get > >the square root of SIZE_MAX without long double arithmetic. > > Doesn't seem that easy to me. It is. That's the beauty of logarithms. > >PTRDIFF_T > >is rather irrelevant to testing calloc overflows, where the whole > >point is that A*B overflows SIZE_MAX and results in a small integer > >value where the allocation will certainly succeed. > > The task says I should test for PTRDIFF_T. So i tried to make a > general function. Testing if malloc allocates memory larger than PTRDIFF_MAX is independent of testing if calloc is subject to multiplication overflow vulnerabilities. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.