groff
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possibly incomplete bounds check after strtol(3)


From: Alejandro Colomar
Subject: Re: Possibly incomplete bounds check after strtol(3)
Date: Wed, 13 Mar 2024 00:33:14 +0100

On Wed, Mar 13, 2024 at 12:27:33AM +0100, Alejandro Colomar wrote:
> On Tue, Mar 12, 2024 at 11:22:32PM +0100, Alejandro Colomar wrote:
> > On Tue, Mar 12, 2024 at 05:05:31PM -0500, G. Branden Robinson wrote:
> > > 147     case 'h':
> > > 148       {
> > > 149         int requested_hash_table_size;
> > > 150         check_integer_arg('h', optarg, 1, &requested_hash_table_size);
> > > 151         hash_table_size = requested_hash_table_size;
> > > 152         if ((hash_table_size > 2) && (hash_table_size % 2) == 0)
> > > 153                 hash_table_size++;
> > > 154         while (!is_prime(hash_table_size))
> > > 155           hash_table_size += 2;
> > > 156         if (hash_table_size != requested_hash_table_size)
> > > 157           warning("requested hash table size %1 is not prime: using 
> > > %2"
> > > 158                   " instead", optarg, hash_table_size);
> > > 159       }
> > > 160       break;
> > > 
> > > You may see another problem here.  We accept '1' as an argument, but
> > > then pass it to a function called `is_prime()`...which fails an
> > > assertion on that input.  Whoops.
> > 
> > Hmmm, yeah.  So you could raise it to 3, and then also drop the >2 test.
> 
> Whoops, no.  The liwer bound is 2, and you still need the >2 test.

BTW, you may want to add a ceil_prime() function to put that logic.


-- 
<https://www.alejandro-colomar.es/>
Looking for a remote C programming job at the moment.

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]