Avoid triggering undefined behaviour in base_uint<BITS>::bits() #14510
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
laanwj
reviewed
Oct 18, 2018
| @@ -176,7 +176,7 @@ unsigned int base_uint<BITS>::bits() const | |||
| for (int pos = WIDTH - 1; pos >= 0; pos--) { | |||
| if (pn[pos]) { | |||
| for (int nbits = 31; nbits > 0; nbits--) { | |||
| if (pn[pos] & 1 << nbits) | |||
| if (pn[pos] & 1U << nbits) | |||
There was a problem hiding this comment.
pn[...] is uint32_t, how is this ever undefined behavior?
I don't think C ever "promotes" uint32_t to int.
There was a problem hiding this comment.
@laanwj With parenthesis it's pn[pos] & (1 << nbits); I believe the type of (1 << nbits) is indeed int, which in case of nbits == 31 is exceeding the size of the type.
There was a problem hiding this comment.
so let's make the counter an 'unsigned' then?
edit: oh, never mind, it's counting down, that wouldn't really work either...
There was a problem hiding this comment.
Can you add a test that fails without this fix?
There was a problem hiding this comment.
no, he can't—the whole problem, the whole shitshow with C and C++ is that you can't predict what will happen with undefined behavior—it can just work with one compiler or version and commit war crimes the next one
There was a problem hiding this comment.
@promag How would one test for the presence of undefined behaviour? :-)
If you are referring to the sanitisers there are no sanitisers flagging this UB AFAIK.
|
utACK 96f6dc9 |
|
This should also get fixed src/primitives/transaction.h: static const uint32_t SEQUENCE_LOCKTIME_DISABLE_FLAG = (1 << 31); utACK |
laanwj
added a commit
that referenced
this pull request
Oct 18, 2018
…::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
sipa
added a commit
that referenced
this pull request
Oct 20, 2018
…DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: #14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
jasonbcox
pushed a commit
to Bitcoin-ABC/bitcoin-abc
that referenced
this pull request
May 31, 2019
…DISABLE_FLAG Summary: PR14513 backport https://github.com/bitcoin/bitcoin/pull/14513/files bc60c615a5 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin/bitcoin#14510 (comment) Test Plan: `make check` Reviewers: Fabien, #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D3127
jtoomim
pushed a commit
to jtoomim/bitcoin-abc
that referenced
this pull request
Jun 29, 2019
…DISABLE_FLAG Summary: PR14513 backport https://github.com/bitcoin/bitcoin/pull/14513/files bc60c615a5 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin/bitcoin#14510 (comment) Test Plan: `make check` Reviewers: Fabien, #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D3127
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jun 27, 2021
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jun 27, 2021
…CKTIME_DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin#14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jun 28, 2021
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jun 28, 2021
…CKTIME_DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin#14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jun 29, 2021
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jun 29, 2021
…CKTIME_DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin#14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jul 1, 2021
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jul 1, 2021
…CKTIME_DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin#14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jul 1, 2021
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jul 1, 2021
…CKTIME_DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin#14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jul 1, 2021
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Jul 1, 2021
…CKTIME_DISABLE_FLAG bc60c61 Avoid 1 << 31 (UB) in calculation of SEQUENCE_LOCKTIME_DISABLE_FLAG (practicalswift) Pull request description: Avoid `1 << 31` (UB) in calculation of `SEQUENCE_LOCKTIME_DISABLE_FLAG`. Context: bitcoin#14510 (comment) Tree-SHA512: bdb4a913c6a82ff1a455ba67d3351f6408ff4116574329361644b483fea96b801fdc5c5659233856b591cd3a46ec669d3b5b438553e4240d7099c560eae2e2ae
gades
pushed a commit
to cosanta/cosanta-core
that referenced
this pull request
Apr 23, 2022
…t<BITS>::bits() 96f6dc9 Avoid triggering undefined behaviour in base_uint<BITS>::bits() (practicalswift) Pull request description: Avoid triggering undefined behaviour in `base_uint<BITS>::bits()`. `1 << 31` is undefined behaviour in C++11. Given the reasonable assumption of `sizeof(int) * CHAR_BIT == 32`. Tree-SHA512: 995fa38e71c8921873139ecf1b7dd54178555219af3be60d07290f379439ddd8479e3963c6f3cae8178efb61063a0f9add6cba82a5578d13888597b5bcd54f22
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Avoid triggering undefined behaviour in
base_uint<BITS>::bits().1 << 31is undefined behaviour in C++11.Given the reasonable assumption of
sizeof(int) * CHAR_BIT == 32.