Blame SOURCES/0069-Guard-against-undefined-behaviour-when-casting-from-.patch

From 454bea87cff4ff3cd2fd9ae34a3718dd200ce0fb Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Sun, 17 Mar 2019 11:34:04 +0530
Subject: [PATCH 69/72] Guard against undefined behaviour when casting from
 float to unsigned
Only range (-1.0, UINT64_MAX) can be safely converted to unsigned
directly, and (-INT64_MAX,INT64_MAX) through a cast to int64_t first.
The remaining range is undefined.
TODO: Do the same for JIT as well as for float to other ranges.
---
 src/lj_obj.h | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/lj_obj.h b/src/lj_obj.h
index c7e4742..4ff5944 100644
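--- a/src/lj_obj.h
+++ b/src/lj_obj.h
@@ -944,12 +944,18 @@ static LJ_AINLINE int32_t lj_num2bit(lua_Number n)
 
 static LJ_AINLINE uint64_t lj_num2u64(lua_Number n)
 {
+  /* Undefined behaviour. This is deliberately not a full check because we
+     don't want to slow down compliant code. */
+  lua_assert(n >= -9223372036854775809.0);
 #ifdef _MSC_VER
   if (n >= 9223372036854775808.0)  /* They think it's a feature. */
     return (uint64_t)(int64_t)(n - 18446744073709551616.0);
   else
 #endif
-    return (uint64_t)n;
+    if (n > -1.0)
+      return (uint64_t)n;
+    else
+      return (uint64_t)(int64_t)n;
 }
 
 static LJ_AINLINE int32_t numberVint(cTValue *o)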
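Review bot: The new `lua_assert` in `lj_num2u64` checks only the lower bound, so a value of 2^64 or more still reaches `(uint64_t)n`, and outside assert-enabled builds (where `lua_assert` is presumably compiled out) a NaN fails `n > -1.0` and reaches `(int64_t)n`; both conversions remain undefined. The literal `-9223372036854775809.0` is also not representable as a double and rounds to -2^63, so the check is effectively `n >= -9223372036854775808.0`, which is the value that should be written. Covering both ends costs nothing in release builds: `lua_assert(n >= -9223372036854775808.0 && n < 18446744073709551616.0);`. The comment above it would be clearer if it stated the accepted range, for example `/* Defined only for -2^63 <= n < 2^64; NaN and out-of-range values are undefined and only caught when assertions are enabled. */`, because callers that pass numbers from untrusted scripts otherwise get platform-dependent results.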
-- 
2.20.1