validator/val_sigcrypt.c:1346:10: runtime error: signed integer overflow: -823674496 - 1513296000 cannot be represented in type 'int'

[noloader]

Hi Everyone,

I'm working from master and using instrumented builds. Building on Ubuntu 18.04 with UBsan. Running make test results in:

test signature verify:./testdata/test_signatures.9
validator/val_sigcrypt.c:1346:10: runtime error: signed integer overflow: -823674496 - 1513296000 cannot be represented in type 'int'
Makefile:316: recipe for target 'test' failed

---

You can setup the test rig by exporting CFLAGS with UBsan enabled:

$ git clone https://github.com/NLnetLabs/unbound.git
$ cd unbound
$ export CFLAGS="-DNDEBUG -g2 -O3 -fsanitize=undefined -fno-sanitize-recover"
$ ./make-master.sh
...
$ make test
...

[wcawijngaards]

Fixed in 57bbbfc . Thanks for the report!

It is a false positive, but the casts signal this. The serial number arithmetic is defined in RFC1982, if you are curious. This is how RRSIG signature expiry is signalled on the wire. 32bit, but relative to the current time, sort of, without needing 64bit for 2038.

[wcawijngaards]

Fixed in 57bbbfc . Thanks for the report!

It is a false positive, but the casts signal this. The serial number arithmetic is defined in RFC1982, if you are curious. This is how RRSIG signature expiry is signalled on the wire. 32bit, but relative to the current time, sort of, without needing 64bit for 2038.