-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nn_mul_kara causes out-of-bounds reads #16
Comments
I'll take a look and see where it's going wrong.
Note that I have to work on this in my spare time, of which I have little
these days. So unless it's easy to give a correct fix, this might take me a
while. I'm of course happy to merge patches though, and see you've
submitted a PR.
|
Yeah, no worries. I might indeed attempt to produce a patch at some point. I just figured I'd try you first in case the fix is easy for someone who already understands the code :) |
I got curious about how such a severe error could have ended up in the code
and tracked it down. The nn_mul_kara function was actually doing some work
it didn't need to, so I removed that. It's not clear whether I should have
left it in, since an extra ASSERT could be added to check the limb that was
being computed was in fact zero. But for performance, and to make the code
cleaner, I removed it. The extra limb would never be used anywhere, it was
just being computed, presumably for the sake of an ASSERT. Let me know what
you prefer here.
After that, it was strictly using the wrong length for the final addition.
I've now fixed this quite severe error in master. I'm actually really
surprised this didn't show up in the tests anywhere. It's really rather bad.
|
Awesome, thanks! Assumedly the reason it wasn't showing up in the tests is that the high limbs of |
nn_mul_kara sometimes violates the "bm >= cm" constraint of nn_add_c, potentially leading to invalid memory reads and incorrect results.
The values from this stack trace reveal the issue (i.e. these input parameters to nn_mul_kara seem to meet its input assumptions, but cause a call to nn_add_c that violate nn_add_c's input assumptions):
Adding
ASSERT(bm >= cm)
to nn_add_c caused tests failed in multiple places; I'm not sure if nn_mul_kara is the only function violating nn_add_c's input assumptions.The text was updated successfully, but these errors were encountered: