Skip to content

Check for integer overflow in Bytes.extend #934

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Dec 19, 2016
Merged

Check for integer overflow in Bytes.extend #934

merged 3 commits into from
Dec 19, 2016

Conversation

yallop
Copy link
Member

@yallop yallop commented Nov 26, 2016

Current behaviour:

# Bytes.extend "abc" max_int max_int;;
- : bytes = "\000"

With this fix:

# Bytes.extend "abc" max_int max_int;;
Exception: Invalid_argument "Bytes.extend".

gasche
gasche reviewed Nov 26, 2016
View reviewed changes
Changes
@@ -128,6 +128,9 @@ Next version (4.05.0):

### Bug fixes

- GPR#934: check for integer overflow in Bytes.extend
(Jeremy Yallop)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorting entries by MPR first, GPR second, this should go as the very last item of the category.

stdlib/bytes.ml
let len = length s + left in
if len < 0 then invalid_arg "Bytes.extend" else
let len = len + right in
if len < 0 then invalid_arg "Bytes.extend" else
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I find the shadowing used here not very readable. You could name the first variable len_left, or declare let (++) a b = (* check for overflow *) let c = a + b in if c < 0 then invalid_arg "Bytes.extend" else c and let len = length s ++ left ++ right.

@yallop yallop force-pushed the bytes-extend-overflow branch from ae0edd6 to 85c27f2 Compare November 28, 2016 09:55
@yallop
Copy link
Member Author

yallop commented Nov 28, 2016
edited
Loading

Thanks for the comments, @gasche. I've updated the patch.

I think this may need a bit more care before merging, though, since it rejects

Bytes.extend "abc" (-4) 4

which was previously accepted, and had reasonable behaviour. I'll come back to this shortly.

@yallop yallop force-pushed the bytes-extend-overflow branch from 85c27f2 to 35209c3 Compare December 19, 2016 10:34
@yallop yallop force-pushed the bytes-extend-overflow branch from 35209c3 to 5de7108 Compare December 19, 2016 14:19
@yallop
Copy link
Member Author

yallop commented Dec 19, 2016

I've updated the overflow check to take care with negative inputs (31f8776) and added a testsuite for Bytes.extend that includes tests both for existing behaviour and for the overflow check (5de7108).

@gasche gasche merged commit e51cbef into ocaml:trunk Dec 19, 2016
@gasche
Copy link
Member

gasche commented Dec 19, 2016

I'm partial to patches that come with testsuite support. Merged.

@yallop yallop deleted the bytes-extend-overflow branch December 19, 2016 14:58
camlspotter pushed a commit to camlspotter/ocaml that referenced this pull request Oct 17, 2017
@gasche
Merge pull request ocaml#934 from yallop/bytes-extend-overflow
ff79221 
Check for integer overflow in Bytes.extend
stedolan pushed a commit to stedolan/ocaml that referenced this pull request Mar 21, 2023
@gretay-js
inline fast path of caml_applyN (ocaml#934)
bba0b9f 
* Add compilation flag -caml-apply-inline-fast-path
* Use -caml-apply-inline-fast-path for main build and libraries
* Inline fast path of caml_apply
* Bind args
* Refactor and apply the same transformation to Flamba 2.
* Pass [ty] argument to [call_caml_apply]
* Add a CR about a version of caml_applyN that has only cold path
and update a comment.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gasche gasche gasche left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yallop @gasche