fix(size): avoid u64 overflow panic when parsing huge size args#1981
Closed
Bojun-Vvibe wants to merge 1 commit into sharkdp:master from
Parsing size arguments like '+20000000T' used to panic due to unchecked multiplication of quantity by the unit multiplier. Use checked_mul so invalid (too-large) inputs are rejected as an error from the CLI instead of aborting the process.
Repo: sharkdp/fd (⭐ 36000)
Type: bugfix
Files changed: 1
Lines: +3/-1
What
SizeFilter::parse_opt in src/filter/size.rs multiplied the parsed quantity by its unit multiplier using plain *. For values such as +20000000T or +17000000Ti, that product overflows u64 and panics in debug builds (and wraps silently in release). This change replaces the multiplication with checked_mul(...)?, making overflow cause the parser to return None — which bubbles up as the normal "not a valid size constraint" error from the CLI.
Two regression tests are added alongside the existing failure cases.
Why
A user-supplied CLI argument should never be able to crash fd or silently be misinterpreted. The existing parser validates format via regex but does not guard against numeric overflow of the final computed byte count. With this fix, fd --size +20000000T produces a clean error message instead of an arithmetic overflow panic / wrapped value.
Testing
cargo test --bin fd size:: — 86 passed, 0 failed, including the two new ensure_overflow_returns_none_* cases. cargo test (overflow); after, they pass.
Risk
Low — change is a two-character semantic tweak confined to the size parser,
covered by pre-existing and new unit tests. No behavior change for valid
inputs.
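To show the failure mode the PR describes, here is an added stand-alone example that is not fd's code: a minimal size-constraint parser in the shape of SizeFilter::parse_opt, with the pre-fix multiplication (wrapping_mul stands in for what plain * does in a release build) next to the checked_mul version. The unit table, the split() helper and the type names are simplified assumptions.

```rust
// Added example (not fd's code): a minimal size-constraint parser shaped like
// SizeFilter::parse_opt, contrasting wrapping multiplication with checked_mul.
// Unit table, split() and names are simplified assumptions.
#[derive(Debug, PartialEq)]
pub enum SizeLimit {
    Min(u64), // "+N<unit>": at least N bytes
    Max(u64), // "-N<unit>": at most N bytes
}
/// Bytes per unit suffix: decimal k/m/g/t, binary ki/mi/gi/ti, b or none = 1.
fn unit_multiplier(unit: &str) -> Option<u64> {
    Some(match unit.to_ascii_lowercase().as_str() {
        "" | "b" => 1,
        "k" => 1_000,
        "m" => 1_000_000,
        "g" => 1_000_000_000,
        "t" => 1_000_000_000_000,
        "ki" => 1 << 10,
        "mi" => 1 << 20,
        "gi" => 1 << 30,
        "ti" => 1 << 40,
        _ => return None,
    })
}

/// Split "+20000000T" into (sign, quantity, unit); None if malformed.
fn split(s: &str) -> Option<(char, u64, &str)> {
    let sign = s.chars().next().filter(|c| *c == '+' || *c == '-')?;
    let rest = &s[1..]; // sign is a single ASCII byte, so this slice is valid
    let end = rest.find(|c: char| !c.is_ascii_digit()).unwrap_or(rest.len());
    let (digits, unit) = rest.split_at(end);
    Some((sign, digits.parse().ok()?, unit))
}

fn limit(sign: char, bytes: u64) -> SizeLimit {
    if sign == '+' { SizeLimit::Min(bytes) } else { SizeLimit::Max(bytes) }
}

/// Pre-fix shape. wrapping_mul models what plain `*` does in a release
/// build: the product silently wraps to a wrong limit (debug builds panic).
pub fn parse_wrapping(s: &str) -> Option<SizeLimit> {
    let (sign, qty, unit) = split(s)?;
    Some(limit(sign, qty.wrapping_mul(unit_multiplier(unit)?)))
}

/// Post-fix shape: checked_mul turns overflow into None, which the CLI
/// reports as an invalid size constraint instead of aborting.
pub fn parse_checked(s: &str) -> Option<SizeLimit> {
    let (sign, qty, unit) = split(s)?;
    Some(limit(sign, qty.checked_mul(unit_multiplier(unit)?)?))
}
```

For +20000000T the wrapping version yields a filter of roughly 1.55 EB rather than the requested 20 ZB, so files would be matched against a limit the user never asked for; the checked version rejects the argument outright.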