My bignum fuzzer running at OSS-Fuzz came up with this:
hgcd2.c:223:42: runtime error: shift exponent 64 is too large for
64-bit type 'mp_limb_t' (aka 'unsigned long')
#0 0x76a4db in div2 /src/libgmp/mpn/hgcd2.c:223:42
#1 0x769684 in __gmpn_hgcd2 /src/libgmp/mpn/hgcd2.c:372:18
#2 0x74ac55 in
I don't mind if you don't fix it, but technically undefined behavior
can have consequences beyond the value of the involved variable.
On Wed, Sep 18, 2019 at 9:20 PM Torbjörn Granlund wrote:
>
> Guido Vranken writes:
>
> My bignum fuzzer running at OSS-Fuzz came up with this:
> +++ mini-gmp.c 2022-08-29 10:27:36.112191428 +0200
> @@ -3060,6 +3060,7 @@
>if (en == 0)
> {
>mpz_set_ui (r, 1);
> + mpz_tdiv_r (r, r, m);
>return;
> }
>
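Review bot: the new `mpz_tdiv_r (r, r, m);` reads `m` only after `mpz_set_ui (r, 1);` has already written `r`, so if a caller passes the same variable for `r` and `m` (GMP functions in general allow an output to alias an input) the modulus is overwritten with 1 before the reduction and the exponent-zero path returns 0 whatever the real modulus was. Deciding the value before touching `r` avoids that and the division: test whether |m| is 1 first, then do a single `mpz_set_ui (r, ...)` with 0 or 1. The sign handling in the hunk itself is fine, since the dividend is 1 the truncating remainder is 0 or 1 and stays within 0 <= r < |m| for a negative `m` as well.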
> Paul
>
> > From: Guido Vranken
> > Date: Sun, 28 Aug 2022 16:2
The following program computes 1^0 % 1:
//#include
#include "mini-gmp.c"
#include <stdio.h>
#define CF_CHECK_EQ(expr, res) if ( (expr) != (res) ) { goto end; }
int main(void)
{
mpz_t a, b, c, res;
char* s = NULL;
/* noret */ mpz_init(a);
/* noret */ mpz_init(b);
/* noret */ mpz_init(c); mpz_init(res);
CF_CHECK_EQ(mpz_set_str(a, "1", 10), 0); /* base */
CF_CHECK_EQ(mpz_set_str(b, "0", 10), 0); /* exponent */
CF_CHECK_EQ(mpz_set_str(c, "1", 10), 0); /* modulus */
/* noret */ mpz_powm(res, a, b, c);
s = mpz_get_str(NULL, 10, res);
printf("%s\n", s); /* 0 is correct; before the patch mini-gmp printed 1 */
end:
free(s);
mpz_clear(a); mpz_clear(b); mpz_clear(c); mpz_clear(res);
return 0;
}
I've confirmed with my fuzzer that the committed patch resolves the issues.
Thanks.
On Sun, Feb 18, 2024 at 8:27 PM Niels Möller wrote:
> marco.bodr...@tutanota.com writes:
>
> > The only reason why I prefer my solution is: when cmp<0, there is no
> need to compute
> > mpz_sub (t1, t0, t1);
>
>
Computing extended gcd using mpz_gcdext where a = 1, b = 2:
libgmp: g: 1, s: 1, t: 0
mini-gmp: g: 1, s: -1, t: 1
This violates the docs: "s = sgn(a) if abs(b) = 2", e.g. s must be 1
Computing extended gcd using mpz_gcdext where a = 6, b = 4:
libgmp: g: 2, s: 1, t: -1
mini-gmp: g: 2, s: -1, t:
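As an added illustration of the cofactor normalisation the GMP manual describes for mpz_gcdext (example code written for this page, not GMP or mini-gmp code; it works on machine integers instead of mpz_t, and the names gcdext_normalized, gcdext_is and egcd_t are the example's own), the following runs extended Euclid and then picks the canonical s, t, reproducing the libgmp values quoted above for (1, 2) and (6, 4):

```c
#include <stdlib.h>
/* Result of an extended gcd: g = s*a + t*b with g >= 0. */
typedef struct { long long g, s, t; } egcd_t;

static int sgn(long long x) { return (x > 0) - (x < 0); }

/* Extended Euclid on |a|, |b|, with the cofactors normalised as the GMP manual
 * specifies for mpz_gcdext: |s| < |b|/(2g) and |t| < |a|/(2g), except that
 * s = sgn(a) when b = 0 or |b| = 2g, and t = sgn(b) when a = 0 or |a| = 2g
 * (|a| = |b| gives s = 0, t = sgn(b)). Only |b| = 2g leaves two candidates,
 * s = +1 or -1; that is the a = 1, b = 2 and a = 6, b = 4 discrepancy above. */
egcd_t gcdext_normalized(long long a, long long b)
{
    long long ua = llabs(a), ub = llabs(b);
    long long r0 = ua, r1 = ub, s0 = 1, s1 = 0, t0 = 0, t1 = 1;
    egcd_t out;

    while (r1 != 0) {                   /* iterative extended Euclid */
        long long q = r0 / r1, tmp;
        tmp = r0 - q * r1; r0 = r1; r1 = tmp;
        tmp = s0 - q * s1; s0 = s1; s1 = tmp;
        tmp = t0 - q * t1; t0 = t1; t1 = tmp;
    }
    out.g = r0;                         /* invariant: s0*ua + t0*ub == g */

    if (b == 0) {                       /* g = |a| (or 0): s = sgn(a), t = 0 */
        out.s = sgn(a); out.t = 0;
        return out;
    }
    {
        long long B = ub / out.g;       /* every solution has the form s0 + k*B */
        s0 %= B;                        /* reduce s0 into (-B/2, B/2] */
        if (s0 < 0) s0 += B;
        if (2 * s0 > B) s0 -= B;
        if (B == 2) s0 = 1;             /* +1/-1 tie: GMP takes sgn(a) */
        t0 = (out.g - s0 * ua) / ub;    /* exact division by construction */
    }
    out.s = s0 * sgn(a);
    out.t = t0 * sgn(b);
    return out;
}

/* 1 if gcdext_normalized(a, b) yields exactly (g, s, t); handy for checks. */
int gcdext_is(long long a, long long b, long long g, long long s, long long t)
{
    egcd_t r = gcdext_normalized(a, b);
    return r.g == g && r.s == s && r.t == t;
}
```

The mini-gmp answers quoted above (s = -1 for both inputs) satisfy s*a + t*b = g just as well; the point is that the manual fixes the sign of s in the |b| = 2g case, so a caller comparing against GMP sees a mismatch.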