[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Dec 2023 10:42:11 +0900
From: Anuraag Agrawal <anuraaga@...il.com>
To: Markus Wichmann <nullplan@....net>
Cc: musl@...ts.openwall.com
Subject: Re: Large overflow in __intscan ignored
Hello,
Thanks for checking and very sorry for the noise, I didn't read the loop
condition correctly. I am using Webassembly so the issue must be specific
to it somehow. I will report on wasi-libc to follow up.
Thanks,
On Sat, Dec 2, 2023, 01:21 Markus Wichmann <nullplan@....net> wrote:
> Am Fri, Dec 01, 2023 at 02:08:54PM +0900 schrieb Anuraag Agrawal:
> > Currently, __intscan, used by functions like strtol, does not seem to
> check
> > for overflow during multiplication.
> >
> > https://git.musl-libc.org/cgit/musl/tree/src/internal/intscan.c#n69
> >
>
> There is no multiplication in the referenced line. Assuming you mean the
> one above it, the loop condition checks that neither the multiplication
> nor the addition can overflow. The same holds for the loop on lines 79f.
>
> As far as I can tell, this has been the case since the first version of
> this code was checked in in 2012.
>
> Ciao,
> Markus
>
Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
