authorKaz Kylheku <kaz@kylheku.com>2017-06-17 09:02:52 -0700
committerKaz Kylheku <kaz@kylheku.com>2017-06-17 09:02:52 -0700
commit7dc634268cb7e33b02462667c1827e7dc146c4ad (patch)
tree937c8ad2baede33fe9ee1db0686df865f9cbdfe8
parente640d29522bd832f88874a6c955e14031481e380 (diff)
ash: check range of bits argument.
mp_shift takes an int argument, but we decode bits to a cnum, leaving possible room for overflow, such as when cnum is 64 bits and int is 32. If the value * arith.c (ash): Check that the value is in the range of INT_MIN to INT_MAX.
-rw-r--r--arith.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/arith.c b/arith.c
index 93341d3c..8f268f95 100644
--- a/arith.c
+++ b/arith.c
@@ -2446,6 +2446,8 @@ val ash(val a, val bits)
a = bignum(an);
/* fallthrough */
case BGNUM:
+ if (bn < INT_MIN || bn > INT_MAX)
+ goto bad4;
b = make_bignum();
if (mp_shift(mp(a), mp(b), bn) != MP_OKAY)
goto bad;
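Review bot: The new guard `if (bn < INT_MIN || bn > INT_MAX)` still admits `INT_MIN` itself as a shift count. If `mp_shift` negates a negative count to shift right (its body is not visible here), that negation overflows `int`, so `if (bn <= INT_MIN || bn > INT_MAX)` would be the safer bound. The `bad4` message added in the second hunk says "bit value too large" but is also reached for counts below `INT_MIN`; `lit("ash: bit count ~s out of range")` would cover both cases. Counts close to `INT_MAX` are still accepted, so the only size limit is whatever makes `mp_shift` fail and take `goto bad`; a comment saying so would help if `bits` can come from untrusted input. The body of `ash` starts and ends outside this hunk.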
@@ -2480,6 +2482,9 @@ bad2:
bad3:
uw_throwf(error_s, lit("ash: non-integral operand ~s"), a, nao);
+
+bad4:
+ uw_throwf(error_s, lit("ash: bit value too large ~s"), bits, nao);
}
val bit(val a, val bit)