tool_operate.c:996:9: runtime error: -1e+21 is outside the range of representable values of type 'long' #1730

geeknik · 2017-08-04T09:08:01Z

I did this

Compiled with UBSan, ASan and afl-clang-fast.

UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 ~/curl/src/curl -K test023

I did not expect the following

Warning: test023:4: warning: 'MR' is unknown
Warning: test023:6: warning: '-▒' had unsupported trailing garbage
Warning: test023:9: warning: 'R' is ambiguous
Warning: test023:12: warning: '-m' expected a positive numerical parameter
tool_operate.c:996:9: runtime error: -1e+21 is outside the range of representable values of type 'long'
    #0 0x53fcdf in operate_do /root/curl/src/tool_operate.c:996:9
    #1 0x5305cc in operate /root/curl/src/tool_operate.c:2064:20
    #2 0x52d4f9 in main /root/curl/src/tool_main.c:252:14
    #3 0x7fec17be3b44 in __libc_start_main /build/glibc-6V9RKT/glibc-2.19/csu/libc-start.c:287
    #4 0x42123b in _start (/root/curl/src/curl+0x42123b)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior tool_operate.c:996:9

curl/libcurl version

git 7093488

operating system

Fedora 26 x64

test023.gz

The text was updated successfully, but these errors were encountered:

Make the number parser aware of the maximum limit curl accepts for a value and return an error immediately if larger, instead of running an integer overflow later. Fixes #1730

bagder mentioned this issue Aug 6, 2017

curl: detect and bail out early on parameter integer overflows #1736

Closed

bagder closed this as completed in 5c7455f Aug 7, 2017

lock bot locked as resolved and limited conversation to collaborators May 6, 2018

tool_operate.c:996:9: runtime error: -1e+21 is outside the range of representable values of type 'long' #1730

tool_operate.c:996:9: runtime error: -1e+21 is outside the range of representable values of type 'long' #1730

Comments

geeknik commented Aug 4, 2017

I did this

I did not expect the following

curl/libcurl version

operating system