GNU bug report logs - #18857
floating point exception on invalid argument

Previous Next

Package: diffutils;

Reported by: Tobias Stoeckmann <tobias <at> stoeckmann.org>

Date: Mon, 27 Oct 2014 20:07:01 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Tobias Stoeckmann <tobias <at> stoeckmann.org>
Subject: bug#18857: closed (Re: [bug-diffutils] bug#18857: floating point
 exception on invalid argument)
Date: Tue, 28 Oct 2014 05:26:03 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#18857: floating point exception on invalid argument

which was filed against the diffutils package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 18857 <at> debbugs.gnu.org.

-- 
18857: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=18857
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Tobias Stoeckmann <tobias <at> stoeckmann.org>, 
 18857-done <at> debbugs.gnu.org
Subject: Re: [bug-diffutils] bug#18857: floating point exception on invalid
 argument
Date: Mon, 27 Oct 2014 22:24:48 -0700

[Message part 3 (text/plain, inline)]
Tobias Stoeckmann wrote:
> I don't see the need to adjust anything
> except avoiding this special value.  I doubt that anyone ever needed
> these large numbers.

Yes, it's hard to imagine anyone needing a tabsize that large.  Still, the GNU 
policy is to avoid unnecessary limits, so it's better to make the limit as large 
as easily possible, which here would be SIZE_MAX - GUTTER_WIDTH_MINIMUM.  Also, 
I see there are other ways the nearby code can overflow.  Plus, we should put in 
a test case for this bug.  So I installed the attached patch, which should 
address these issues.  Thanks for reporting the problem.

[0001-diff-fix-integer-overflow-problem-with-tabsize.patch (text/plain, attachment)]
[Message part 5 (message/rfc822, inline)]
From: Tobias Stoeckmann <tobias <at> stoeckmann.org>
To: bug-diffutils <at> gnu.org
Subject: floating point exception on invalid argument
Date: Mon, 27 Oct 2014 21:06:01 +0100

Hi,

on 64 bit systems, an invalid tabsize argument can trigger a floating
point exception:

$ diff --tabsize=9223372036854775808 . .
Floating point exception

Offending line is this one:
    intmax_t off = (w + t + GUTTER_WIDTH_MINIMUM) / (2 * t)  *  t;

The tabsize I supplied is 2^63, multiplying by 2 will be 2^64 which
is too large, so the divisor overflows to 0.

This is a purely cosmetical fix, I don't see the need to adjust anything
except avoiding this special value.  I doubt that anyone ever needed
these large numbers.


Tobias

--- diffutils-3.3/src/diff.c~	2014-10-27 20:54:30.968656876 +0100
+++ diffutils-3.3/src/diff.c	2014-10-27 20:54:41.360708407 +0100
@@ -594,7 +594,7 @@
 
 	case TABSIZE_OPTION:
 	  numval = strtoumax (optarg, &numend, 10);
-	  if (! (0 < numval && numval <= SIZE_MAX) || *numend)
+	  if (! (0 < numval && numval <= SIZE_MAX / 2) || *numend)
 	    try_help ("invalid tabsize '%s'", optarg);
 	  if (tabsize != numval)
 	    {
This bug report was last modified 10 years and 287 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.