Ticket UUID: | 4789e18fcba7534cf2ca908eee2cca032e955c6e | |||
Title: | signed integer overflow during obj-31.6 | |||
Type: | Patch | Version: | core-8-6-branch | |
Submitter: | chrstphrchvz | Created on: | 2022-02-17 00:12:05 | |
Subsystem: | 13. Index Object | Assigned To: | jan.nijtmans | |
Priority: | 5 Medium | Severity: | Minor | |
Status: | Closed | Last Modified: | 2022-03-06 16:16:27 | |
Resolution: | Fixed | Closed By: | jan.nijtmans | |
Closed on: | 2022-03-06 16:16:27 | |||
Description: |
This command (equivalent to test obj-31.6) triggers signed integer overflow (undefined behavior), which the attached patch addresses: % string index {} end--0x80000000 tcl/generic/tclUtil.c:3846:15: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself tcl/generic/tclUtil.c:3770:26: runtime error: signed integer overflow: -1 + -2147483648 cannot be represented in type 'int' | |||
User Comments: |
jan.nijtmans added on 2022-03-06 16:16:27:
Thanks! Fixed now in [7913cae186572c3d]. This problem was already fixed in Tcl 8.7, thanks to TIP #502. Your patch does nothing more than eliminate the warnings using type-casts, it doesn't change the result for 8.6, so that's OK for 8.6. chrstphrchvz added on 2022-02-17 09:52:53: Does the patch address the existing overflow concerns in SetEndOffsetFromAny(), or did those refer to something else (e.g. whether an overflow made sense as a useful result)? |
Attachments:
- obj-31.6-overflow.diff [download] added by chrstphrchvz on 2022-02-17 00:12:41. [details]