fix: arithmetic overflow panic (#252)

vectordotdev · May 24, 2023 · 1ff642d · 1ff642d
1 parent c7c95b8
commit 1ff642d
Show file tree

Hide file tree

Showing 8 changed files with 36 additions and 11 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,7 @@
 ## unreleased
 - added the `timezone` argument to the `format_timestamp` vrl function.
 - removed feature flags for each individual VRL function.
+- fixed a panic when arithmetic overflows. It now always wraps (only in debug builds).
 
 - `ingress_upstreaminfo` log format has been added to `parse_nginx_log` function (https://github.com/vectordotdev/vrl/pull/193)
 

diff --git a/lib/fuzz/src/main.rs b/lib/fuzz/src/main.rs
@@ -14,10 +14,8 @@ use vrl::value::Secrets;
 fn main() {
     fuzz!(|data: &[u8]| {
         if let Ok(src) = std::str::from_utf8(data) {
-            if src.contains('\\') || src.contains('*') {
-                // skipping known issues
-                // - invalid escapes
-                // - overflow from multiplication
+            if src.contains('\\') {
+                // skipping known issues with invalid escapes
                 return;
             }
             if src.len() > 10_000 {

diff --git a/lib/tests/tests/expressions/arithmetic/addition/overflow.vrl b/lib/tests/tests/expressions/arithmetic/addition/overflow.vrl
@@ -0,0 +1,3 @@
+# result: -9223372036854775808
+
+9223372036854775807+1
diff --git a/lib/tests/tests/expressions/arithmetic/multiplication/overflow.vrl b/lib/tests/tests/expressions/arithmetic/multiplication/overflow.vrl
@@ -0,0 +1,3 @@
+# result: 3578153274754795185
+
+444111111111*1111111111111111
diff --git a/lib/tests/tests/expressions/arithmetic/remainder/overflow.vrl b/lib/tests/tests/expressions/arithmetic/remainder/overflow.vrl
@@ -0,0 +1,3 @@
+# result: 0
+
+mod(-9223372036854775808,-1)
diff --git a/lib/tests/tests/expressions/arithmetic/subtraction/overflow.vrl b/lib/tests/tests/expressions/arithmetic/subtraction/overflow.vrl
@@ -0,0 +1,3 @@
+# result: 9223372036854775807
+
+-9223372036854775808 - 1
diff --git a/src/compiler/expression/op.rs b/src/compiler/expression/op.rs
@@ -106,6 +106,7 @@ impl Expression for Op {
         let lhs = self.lhs.resolve(ctx)?;
         let rhs = self.rhs.resolve(ctx)?;
 
+        // Arithmetic that can overflow should wrap
         match self.opcode {
             Mul => lhs.try_mul(rhs),
             Div => lhs.try_div(rhs),

diff --git a/src/compiler/value/arithmetic.rs b/src/compiler/value/arithmetic.rs
@@ -1,3 +1,5 @@
+#![deny(clippy::integer_arithmetic)]
+
 use std::collections::BTreeMap;
 
 use crate::value::Value;
@@ -73,7 +75,10 @@ impl VrlValueArithmetic for Value {
             Value::Integer(lhv) if rhs.is_float() => {
                 Value::from_f64_or_zero(lhv as f64 * rhs.try_float()?)
             }
-            Value::Integer(lhv) => (lhv * rhs.try_into_i64().map_err(|_| err())?).into(),
+            Value::Integer(lhv) => {
+                let rhv = rhs.try_into_i64().map_err(|_| err())?;
+                i64::wrapping_mul(lhv, rhv).into()
+            }
             Value::Float(lhv) => (lhv * rhs.try_into_f64().map_err(|_| err())?).into(),
             Value::Bytes(lhv) if rhs.is_integer() => {
                 Bytes::from(lhv.repeat(as_usize(rhs.try_integer()?))).into()
@@ -107,18 +112,20 @@ impl VrlValueArithmetic for Value {
     fn try_add(self, rhs: Self) -> Result<Self, ValueError> {
         let value = match (self, rhs) {
             (Value::Integer(lhs), Value::Float(rhs)) => Value::from_f64_or_zero(lhs as f64 + *rhs),
-            (Value::Integer(lhs), rhs) => (lhs
-                + rhs
+            (Value::Integer(lhs), rhs) => {
+                let rhv = rhs
                     .try_into_i64()
-                    .map_err(|_| ValueError::Add(Kind::integer(), rhs.kind()))?)
-            .into(),
+                    .map_err(|_| ValueError::Add(Kind::integer(), rhs.kind()))?;
+                i64::wrapping_add(lhs, rhv).into()
+            }
             (Value::Float(lhs), rhs) => (lhs
                 + rhs
                     .try_into_f64()
                     .map_err(|_| ValueError::Add(Kind::float(), rhs.kind()))?)
             .into(),
             (lhs @ Value::Bytes(_), Value::Null) => lhs,
             (Value::Bytes(lhs), Value::Bytes(rhs)) => {
+                #[allow(clippy::integer_arithmetic)]
                 let mut value = BytesMut::with_capacity(lhs.len() + rhs.len());
                 value.put(lhs);
                 value.put(rhs);
@@ -139,7 +146,10 @@ impl VrlValueArithmetic for Value {
             Value::Integer(lhv) if rhs.is_float() => {
                 Value::from_f64_or_zero(lhv as f64 - rhs.try_float()?)
             }
-            Value::Integer(lhv) => (lhv - rhs.try_into_i64().map_err(|_| err())?).into(),
+            Value::Integer(lhv) => {
+                let rhv = rhs.try_into_i64().map_err(|_| err())?;
+                i64::wrapping_sub(lhv, rhv).into()
+            }
             Value::Float(lhv) => (lhv - rhs.try_into_f64().map_err(|_| err())?).into(),
             _ => return Err(err()),
         };
@@ -198,7 +208,10 @@ impl VrlValueArithmetic for Value {
             Value::Integer(lhv) if rhs.is_float() => {
                 Value::from_f64_or_zero(lhv as f64 % rhs.try_float()?)
             }
-            Value::Integer(lhv) => (lhv % rhs.try_into_i64().map_err(|_| err())?).into(),
+            Value::Integer(lhv) => {
+                let rhv = rhs.try_into_i64().map_err(|_| err())?;
+                i64::wrapping_rem(lhv, rhv).into()
+            }
             Value::Float(lhv) => (lhv % rhs.try_into_f64().map_err(|_| err())?).into(),
             _ => return Err(err()),
         };