From patchwork Fri Feb 2 15:09:05 2024
X-Patchwork-Submitter: Ian McCormack
X-Patchwork-Id: 85233
From: Ian McCormack
To: gcc-patches@gcc.gnu.org
Subject: [PATCH 1/2] libdecnumber: fixed undefined behavior in `decFloatFMA`
Date: Fri, 2 Feb 2024 10:09:05 -0500
Message-Id: <20240202150905.42775-1-icmccorm@andrew.cmu.edu>

This patch fixes a minor instance of undefined behavior in libdecnumber. It was discovered in the Rust bindings for libdecnumber (`dec`) using a custom version of MIRI that can execute foreign functions. Within the function `decFloatFMA`, the pointer `lo->msd` is initialized to point to a byte array of size 56.

```
uByte acc[FMALEN]; /* for multiplied coefficient in BCD */
...
ub=acc+FMALEN-1; /* where lsd of result will go */
...
lo->msd=ub+1;
lo->lsd=acc+FMALEN-1;
```

However, `lo->msd` is then offset in increments of 4, which leads to a read of two bytes beyond the size of `acc`. This patch switches to reading in increments of 2 instead of 4.

Bootstrapped on x86_64-pc-linux-gnu with no regressions.

libdecnumber/ChangeLog

	* decBasic.c: Increment `lo->msd` by 2 instead of 4 in `decFloatFMA` to avoid undefined behavior.

--- libdecnumber/decBasic.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libdecnumber/decBasic.c b/libdecnumber/decBasic.c index 6319f66b25d..3c8d71a2949 100644 
--- a/libdecnumber/decBasic.c +++ b/libdecnumber/decBasic.c @@ -2023,6 +2023,7 @@ decFloat * decFloatFMA(decFloat *result, const decFloat *dfl, uInt carry; /* +1 for ten's complement and during add */ uByte *ub, *uh, *ul; /* work */ uInt uiwork; /* for macros */ + uShort uswork; /* handle all the special values [any special operand leads to a */ /* special result] */ 
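Review bot: the added `uShort uswork;` declaration carries no trailing comment, while the line above it documents its neighbour as `uInt uiwork; /* for macros */`. If `uswork` is likewise only scratch storage for the `UBTOUS` macro used in the later hunk, give it the same comment so the otherwise unused-looking local is explained where it is declared. The ChangeLog entry also does not mention the new variable.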
@@ -2252,7 +2253,7 @@ decFloat * decFloatFMA(decFloat *result, const decFloat *dfl, /* all done except for the special IEEE 754 exact-zero-result */ /* rule (see above); while testing for zero, strip leading */ /* zeros (which will save decFinalize doing it) */ - for (; UBTOUI(lo->msd)==0 && lo->msd+3lsd;) lo->msd+=4; + for (; UBTOUS(lo->msd)==0 && lo->msd+1lsd;) lo->msd+=2; for (; *lo->msd==0 && lo->msdlsd;) lo->msd++; if (*lo->msd==0) { /* must be true zero (and diffsign) */ lo->sign=0; /* assume + */ 
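Review bot: in the added `for` line, `UBTOUS(lo->msd)==0` is the left operand of `&&`, so the two-byte read is performed before the bound test on `lo->msd+1` is evaluated; on the iteration where that test would end the loop, the read has already happened. If `lo->msd` can equal `lo->lsd` at that point (the commit message places `lo->lsd` at `acc+FMALEN-1`, the last byte of `acc`), the read still covers one byte past the array. Putting the bound test first in the condition would let the short-circuit protect the read. With that order the original 4-byte stride would also stay in bounds, so the commit message should say why the narrower read was chosen over reordering.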
From patchwork Fri Feb 2 15:09:48 2024
X-Patchwork-Submitter: Ian McCormack
X-Patchwork-Id: 85234

From: Ian McCormack
To: gcc-patches@gcc.gnu.org
Subject: [PATCH 2/2] libdecnumber: fixed undefined behavior in decNumberGetBCD.
Date: Fri, 2 Feb 2024 10:09:48 -0500
Message-Id: <20240202150948.42888-1-icmccorm@andrew.cmu.edu>

This patch fixes a minor instance of undefined behavior in libdecnumber. It was discovered in the Rust bindings for libdecnumber (`dec`) using a custom version of MIRI that can execute foreign functions. On the last iteration of the `while` loop in `decNumberGetBCD`, the pointer `up` will be incremented beyond the end of the allocation `dn->lsu` before the assignment `u=*up`. This value does not affect the termination of the loop and is never read again, so this isn't really an issue, but this patch prevents an access out-of-bounds by only incrementing `up` if it is safe to do so.

Bootstrapped on x86_64-pc-linux-gnu with no regressions.

libdecnumber/ChangeLog

	* decNumber.c: In `decNumberGetBCD`, only read from `dn->lsu` while the pointer `up` is still within bounds.

--- libdecnumber/decNumber.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libdecnumber/decNumber.c b/libdecnumber/decNumber.c index 0b6eb160fe3..094bc51c14a 100644 --- a/libdecnumber/decNumber.c +++ b/libdecnumber/decNumber.c 
@@ -3463,7 +3463,8 @@ uByte * decNumberGetBCD(const decNumber *dn, uByte *bcd) { cut--; if (cut>0) continue; /* more in this unit */ up++; - u=*up; + if (ub > bcd) + u=*up; cut=DECDPUN; } #endif
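Review bot: the guard added before `u=*up;` tests `ub > bcd`, a condition on the output pointer, not on `up` or the extent of `dn->lsu`, so nothing at the read shows why it keeps `up` in bounds. Add a short comment stating the invariant that ties `ub > bcd` to units remaining in `dn->lsu`. The commit message also says the patch works by "only incrementing `up` if it is safe to do so", but `up++` is still an unconditional context line and only the dereference is guarded. That is sufficient, since forming a one-past-the-end pointer is permitted and reading through it is not, so the message should be reworded to match the ChangeLog entry.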