Skip to content

std.math.big: require sufficient capacity for aliased params #26019

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

std.math.big: require sufficient capacity for aliased params #26019

wants to merge 1 commit into from
+95 −35

Conversation

@aaron-ang
Copy link

@aaron-ang aaron-ang commented Nov 23, 2025
edited
Loading

close #6167

We first check if the Managed instances are distinct but share the same limbs field in limbsAliasDistinct.

We then assert in ensureAliasAwareCapacity that an aliased Managed parameter has enough capacity such that it will not trigger a reallocation. This should prevent use-after-free.

Identical Managed instances should not result in use-after-free since toConst is called after any reallocation is done, so the underlying instances should point to the same limbs buffer during the actual arithmetic operation.

@aaron-ang aaron-ang force-pushed the bigint-uaf branch 2 times, most recently from deb84da to c8011c6 Compare November 25, 2025 19:59
@aaron-ang
Copy link
Author

aaron-ang commented Nov 26, 2025

hi @andrewrk could you trigger the CI?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

use-after-free occurring in std.math.big.Rational on 32-bit architectures

1 participant

@aaron-ang