t...@gmplib.org (Torbjörn Granlund) writes:
> Or simply:
>
> dh = (dh << dcnt) + (dl >> (GMP_LIMB_BITS - 1 - dcnt) >> 1);
Looks better, thanks.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
I don't mind if you don't fix it, but technically undefined behavior
can have consequences beyond the value of the involved variable.
On Wed, Sep 18, 2019 at 9:20 PM Torbjörn Granlund wrote:
>
> Guido Vranken writes:
>
> My bignum fuzzer running at OSS-Fuzz came up with this:
>
>
ni...@lysator.liu.se (Niels Möller) writes:
Is it reasonable to change it to
#define LIMB_SHIFT_MASK (GMP_LIMB_BITS - 1)
dh = (dh << dcnt) + (-(dcnt > 0) & (dl >> (LIMB_SHIFT_MASK & - dcnt)));
Or simply:
dh = (dh << dcnt) + (dl >> (GMP_LIMB_BITS - 1 - dcnt) >> 1);
--
Torbjörn
t...@gmplib.org (Torbjörn Granlund) writes:
> I think it is a false positive. The result of the shifted value is
> masked when the shift count is not in range.
The line in question is
dh = (dh << dcnt) + (-(dcnt > 0) & (dl >> (GMP_LIMB_BITS - dcnt)));
Should be fine if shift by 64 is
On 2019-09-18 21:20:41 +0200, Torbjorn Granlund wrote:
> Guido Vranken writes:
>
> My bignum fuzzer running at OSS-Fuzz came up with this:
>
> hgcd2.c:223:42: runtime error: shift exponent 64 is too large for
> 64-bit type 'mp_limb_t' (aka 'unsigned long')
> #0 0x76a4db in div2
Guido Vranken writes:
My bignum fuzzer running at OSS-Fuzz came up with this:
hgcd2.c:223:42: runtime error: shift exponent 64 is too large for
64-bit type 'mp_limb_t' (aka 'unsigned long')
#0 0x76a4db in div2 /src/libgmp/mpn/hgcd2.c:223:42
#1 0x769684 in __gmpn_hgcd2
My bignum fuzzer running at OSS-Fuzz came up with this:
hgcd2.c:223:42: runtime error: shift exponent 64 is too large for
64-bit type 'mp_limb_t' (aka 'unsigned long')
#0 0x76a4db in div2 /src/libgmp/mpn/hgcd2.c:223:42
#1 0x769684 in __gmpn_hgcd2 /src/libgmp/mpn/hgcd2.c:372:18
#2 0x74ac55 in
