44 lines
1.5 KiB
Diff
44 lines
1.5 KiB
Diff
|
From 1ea7255f8b0661cdfabbd13f8f443f81665a07e0 Mon Sep 17 00:00:00 2001
|
||
|
|
From: Paul Eggert <eggert@cs.ucla.edu>
|
||
|
|
Date: Sat, 3 Aug 2024 22:59:12 -0700
|
||
|
|
Subject: [PATCH] shuf: avoid integer overflow on huge inputs
|
||
|
|
|
||
|
|
* gl/lib/randperm.c: Include <stdckdint.h>.
|
||
|
|
(randperm_bound): Return SIZE_MAX if the multiplication overflows.
|
||
|
|
Do not overflow when converting bit count to byte count.
|
||
|
|
|
||
|
|
Reference:https://github.com/coreutils/coreutils/commit/1ea7255f8b0661cdfabbd13f8f443f81665a07e0
|
||
|
|
Conflict:change gl/lib/randperm.c to lib/randperm.c; Adaptation to INT_MULTIPLY_WRAPV() and floor_lg()
|
||
|
|
|
||
|
|
---
|
||
|
|
lib/randperm.c | 10 ++++++----
|
||
|
|
1 file changed, 6 insertions(+), 4 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/lib/randperm.c b/lib/randperm.c
|
||
|
|
index c01c296..7517884 100644
|
||
|
|
--- a/lib/randperm.c
|
||
|
|
+++ b/lib/randperm.c
|
||
|
|
@@ -53,13 +53,15 @@ randperm_bound (size_t h, size_t n)
|
||
|
|
{
|
||
|
|
/* Upper bound on number of bits needed to generate the first number
|
||
|
|
of the permutation. */
|
||
|
|
- uintmax_t lg_n = floor_lg (n) + 1;
|
||
|
|
+ unsigned int lg_n = floor_lg (n) + 1;
|
||
|
|
|
||
|
|
- /* Upper bound on number of bits needed to generated the first H elements. */
|
||
|
|
- uintmax_t ar = lg_n * h;
|
||
|
|
+ /* Upper bound on number of bits needed to generate the first H elements. */
|
||
|
|
+ uintmax_t ar;
|
||
|
|
+ if (INT_MULTIPLY_WRAPV (lg_n, h, &ar))
|
||
|
|
+ return SIZE_MAX;
|
||
|
|
|
||
|
|
/* Convert the bit count to a byte count. */
|
||
|
|
- size_t bound = (ar + CHAR_BIT - 1) / CHAR_BIT;
|
||
|
|
+ size_t bound = ar / CHAR_BIT + (ar % CHAR_BIT != 0);
|
||
|
|
|
||
|
|
return bound;
|
||
|
|
}
|
||
|
|
--
|
||
|
|
2.43.0
|
||
|
|
|