Tcl Source Code

View Ticket
Login
Core Home Timeline Branches Tags Tickets Download Wiki
Attach Edit New Ticket Plaintext
Ticket UUID: 4789e18fcba7534cf2ca908eee2cca032e955c6e
Title: signed integer overflow during obj-31.6
Type: Patch Version: core-8-6-branch
Submitter: chrstphrchvz Created on: 2022-02-17 00:12:05
Subsystem: 13. Index Object Assigned To: jan.nijtmans
Priority: 5 Medium Severity: Minor
Status: Closed Last Modified: 2022-03-06 16:16:27
Resolution: Fixed Closed By: jan.nijtmans
    Closed on: 2022-03-06 16:16:27
Description:

This command (equivalent to test obj-31.6) triggers signed integer overflow (undefined behavior), which the attached patch addresses: 

% string index {} end--0x80000000    
tcl/generic/tclUtil.c:3846:15: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
tcl/generic/tclUtil.c:3770:26: runtime error: signed integer overflow: -1 + -2147483648 cannot be represented in type 'int'

User Comments: jan.nijtmans added on 2022-03-06 16:16:27:

Thanks! Fixed now in [7913cae186572c3d].

This problem was already fixed in Tcl 8.7, thanks to TIP #502. Your patch does nothing more than eliminate the warnings using type-casts, it doesn't change the result for 8.6, so that's OK for 8.6.

chrstphrchvz added on 2022-02-17 09:52:53:

Does the patch address the existing overflow concerns in SetEndOffsetFromAny(), or did those refer to something else (e.g. whether an overflow made sense as a useful result)?

Attachments:

This page was generated in about 0.009s by Fossil 2.25 [2ba99c273b] 2024-05-21 11:18:46