From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dragonfly.birch.relay.mailchannels.net (dragonfly.birch.relay.mailchannels.net [23.83.209.51]) by sourceware.org (Postfix) with ESMTPS id 08B7A3858C66 for ; Mon, 20 Mar 2023 17:31:37 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 08B7A3858C66 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=gotplt.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 1995E8C34CF; Mon, 20 Mar 2023 17:31:36 +0000 (UTC) Received: from pdx1-sub0-mail-a306.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id A376B8C22FC; Mon, 20 Mar 2023 17:31:35 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1679333495; a=rsa-sha256; cv=none; b=ZICDKG75BeosZEjKJdHlhZYLz7coHYP/2rYcvZxYPZ1WBZ2/HSyHsnH5D2jcWnkuXpZyNX f+3ZSGrpEqQ35B5hpZ7e02npF12qGVP0+4fEV/eMi+6ydv9gYtfz1ZDx8wqYhK5rUawIR2 NMz6HXhtzOreTPmE7yfIgh2WnThgDyZLzC9N/M10WjbNCrB1tbRousJwc3wkKLcLdaEtQp lstvRfZ0JJ4YGGAObAr4HEzbLkPvEbdzjmgEEU0XC2wkHjypvE7Mudkuw2dplumlssx9lO dvS06S36EhHPKoSLqh/iUUTJDt5H5OqkkDUASEnIaGFfloqf7R/0kNWr8AL3nA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1679333495; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=vBYNTQhTKehIV+trnyeWb0gpZucWdZFLbO8jpzvtji0=; b=3tZL8rCy5xUX5eRkmqhFvi3VrIvaTJK7pDCYK1kY3HHFzbDZLBcFxjufl6crjn5wCgQt+Q G5viaGP81bqhzpgMmk9t/9cCex2mTYYfnIW3o9BmL5Y/n2/CPo6GZXUMG08Kk3guSfeJud wlEzmxRjkKacYjVPw04+WqtOVxSZeDFoWNQcPrVw5S4kf2uMrGK1Pe8l3zxsGhP0KkGRMC sV8SfPrH8193yj3Lc3C0JnCFbJ4uPp21urP2Ruoa2CBcBgOxwahgw5UGvHPfOLfcRjEodl HYLkM2FhICEhm3HcIRf6cCBXyMZOJaxkSAzONwtMlIde/3BsTIZNkzEXzUC0sw== ARC-Authentication-Results: i=1; rspamd-766d96cb5b-fpzvn; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Thread-Coil: 43fef08509c82cf7_1679333495923_1712961715 X-MC-Loop-Signature: 1679333495923:1972793081 X-MC-Ingress-Time: 1679333495923 Received: from pdx1-sub0-mail-a306.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.104.253.212 (trex/6.7.2); Mon, 20 Mar 2023 17:31:35 +0000 Received: from [192.168.0.182] (bras-vprn-toroon4834w-lp130-09-174-91-45-153.dsl.bell.ca [174.91.45.153]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a306.dreamhost.com (Postfix) with ESMTPSA id 4PgMGv0z9dzHk; Mon, 20 Mar 2023 10:31:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gotplt.org; s=dreamhost; t=1679333495; bh=vBYNTQhTKehIV+trnyeWb0gpZucWdZFLbO8jpzvtji0=; h=Date:Subject:To:From:Content-Type:Content-Transfer-Encoding; b=egvgBPzP2LtfJVPSPRCDjEEiBuNoXAAq0e/aTFP5iCaYnI3fCDZMl+E8jYZp6/DRx hu9Zr4U5HUUqmx4WMzp42jsBG6/zJgYJc4JVhl80l/gS7xiOjgsaTZaSvGH2xLPjhI 98PoMAdg2XZ1DgHidd04WLxbJuwU8zDoTaqYNddQ+QK5tUvwFhz+VzS5XQxfGdLdgl 5X1ws0glyYIav/2ALjdevA6jmLESwvRw/eV1Cqbs7sue325J9a9aPTgzzlP5aM8Nxb TbGpA1pg8vjjClULmqG6twnCkAX2sy7xelKyrkuZjwG8Bhl6NSOlo5MMvJJtETjim2 U77q/Pw7ZQi8Q== Message-ID: Date: Mon, 20 Mar 2023 13:31:33 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Subject: Re: UB status of snprintf on invalid ptr+size combination? Content-Language: en-US To: Vincent Lefevre , libc-alpha@sourceware.org References: <9d7ca3d8-6998-e741-b669-03ef42bc99f1@gmail.com> <20230320150929.GA283644@cventin.lip.ens-lyon.fr> <20230320170031.GG203866@cventin.lip.ens-lyon.fr> From: Siddhesh Poyarekar In-Reply-To: <20230320170031.GG203866@cventin.lip.ens-lyon.fr> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3030.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-03-20 13:00, Vincent Lefevre wrote: > It doesn't. *Currently*, MPFR does not use snprintf. With the buggy > version, on a typical 64-bit machine (where int = 32 bits), the size > given to mpfr_snprintf became the value modulo 2^32, so if n is 2^32 > (possible as size_t has 64 bits), the implementation of mpfr_snprintf > assumed that the size was 0 (instead of 2^32). Hence the incorrect > behavior. > > The test helped to catch this bug because it checks mpfr_snprintf > on this value n = (size_t) UINT_MAX + 1, which is 2^32 here. But in > order not to use much memory, the test is done with a small buffer. > Using a buffer of size n would need 4 GB, and this amount of memory > is not available everywhere. In glibc we tend to skip a test as UNSUPPORTED when resources to run a test are considered uncommon (from the perspective of a test system) and cannot be expected to be met in all environments. It looks like mpfr_snprintf and glibc snprintf are incompatible in this context and the latter should not be used to implement the former if the n > __bos(dest) use case is important to it. Then again, I wish mpfr_snprintf also similarly tightened its requirements, but that's a discussion for another day. Thanks, Sid