
Undefined behavior in bf_set_si

Open cryptocode opened this issue 1 year ago • 1 comments

When passing INT64_MIN to bf_set_si I experience a SIGTRAP on my system. I believe this is due to undefined behavior on this line: https://github.com/bellard/quickjs/blob/6e2e68fd0896957f92eb6c242a2e048c1ef3cae0/libbf.c#L274

as this will attempt to negate INT64_MIN.

Might need a special case, possibly something like this:

int bf_set_si(bf_t *r, int64_t a)
{
    int ret;

    // Special case as -INT64_MIN is undefined
    if (a == INT64_MIN) {
        ret = bf_set_ui(r, (uint64_t)INT64_MAX + 1); 
        r->sign = 1;
    } else if (a < 0) {
        ret = bf_set_ui(r, -a);
        r->sign = 1;
    } else {
        ret = bf_set_ui(r, a);
    }
    return ret;
}

cryptocode avatar Oct 07 '24 15:10 cryptocode

Changing to bf_set_ui(r, -(uint64_t)a) would be simpler.

Emill avatar Oct 12 '24 09:10 Emill
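
The two approaches from the thread side by side, as an added example that is not part of the original issue or of libbf. The `sign_mag` struct and the function names are hypothetical stand-ins for a bignum's sign flag and magnitude; `join` goes beyond the thread to show the reverse conversion, where a magnitude of 2^63 is only valid with the sign set.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical sign/magnitude pair (not a libbf type). */
typedef struct { uint64_t mag; int sign; } sign_mag;

/* Cast first, then negate: unsigned negation is defined modulo 2^64,
   so INT64_MIN maps to 2^63 with no signed overflow. */
static sign_mag split_unsigned_negate(int64_t a)
{
    sign_mag r = { a < 0 ? -(uint64_t)a : (uint64_t)a, a < 0 };
    return r;
}

/* Explicit special case for INT64_MIN, shaped like the issue's proposal. */
static sign_mag split_special_case(int64_t a)
{
    sign_mag r = { 0, a < 0 };
    if (a == INT64_MIN)
        r.mag = (uint64_t)INT64_MAX + 1;
    else
        r.mag = (uint64_t)(a < 0 ? -a : a);  /* safe: a != INT64_MIN here */
    return r;
}

/* Reverse direction: 0 on success, -1 if the value does not fit int64_t. */
static int join(sign_mag v, int64_t *out)
{
    const uint64_t min_mag = (uint64_t)INT64_MAX + 1;  /* 2^63 */
    if (v.mag == min_mag && v.sign) { *out = INT64_MIN; return 0; }
    if (v.mag >= min_mag) return -1;
    *out = v.sign ? -(int64_t)v.mag : (int64_t)v.mag;
    return 0;
}

int main(void)
{
    /* Constructed edge cases around the signed range limits. */
    const int64_t cases[] = { INT64_MIN, INT64_MIN + 1, -1, 0, 1, INT64_MAX };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        sign_mag a = split_unsigned_negate(cases[i]);
        sign_mag b = split_special_case(cases[i]);
        int64_t back = 0;
        printf("%" PRId64 ": sign=%d mag=%" PRIu64 " agree=%d roundtrip=%d\n",
               cases[i], a.sign, a.mag, a.sign == b.sign && a.mag == b.mag,
               join(a, &back) == 0 && back == cases[i]);
    }
    return 0;
}
```

Building with `-fsanitize=undefined` is a quick way to confirm that neither variant performs a signed negation of INT64_MIN.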

bf_set_ui() no longer exists.

bellard avatar Mar 18 '25 19:03 bellard