Tarantool development patches archive
From: Mergen Imeev via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: v.shpilevoy@tarantool.org
Cc: tarantool-patches@dev.tarantool.org
Subject: [Tarantool-patches] [PATCH v4 02/16] sql: fix possible undefined behavior during cast
Date: Fri,  1 Oct 2021 15:48:33 +0300
Message-ID: <a60e14cce2aeeb884f11899935b9d6bf575de85e.1633092363.git.imeevma@gmail.com>
In-Reply-To: <cover.1633092363.git.imeevma@gmail.com>

This patch fixes possible undefined behavior during the implicit cast of
INTEGER to DOUBLE. The problem is, if the INTEGER is close enough to
2^64, it will be cast to 2^64 when it is cast to DOUBLE. Since we have a
check for loss of precision, this will cause this DOUBLE to be cast to
an INTEGER, which will result in undefined behavior since this DOUBLE is
outside the range of INTEGER.
---
 src/box/sql/mem.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/box/sql/mem.c b/src/box/sql/mem.c
index 24d6d7dbf..079083fa1 100644
--- a/src/box/sql/mem.c
+++ b/src/box/sql/mem.c
@@ -682,7 +682,7 @@ uint_to_double_precise(struct Mem *mem)
 	assert(mem->type == MEM_TYPE_UINT);
 	double d;
 	d = (double)mem->u.u;
-	if (mem->u.u != (uint64_t)d)
+	if (d == (double)UINT64_MAX || mem->u.u != (uint64_t)d)
 		return -1;
 	mem->u.r = d;
 	mem->flags = 0;
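Review bot: the added `d == (double)UINT64_MAX` test in uint_to_double_precise() needs a comment, because it is only correct thanks to `(double)UINT64_MAX` itself rounding to 2^64, so that the `||` short-circuits before `(uint64_t)d` is evaluated on an out-of-range value. Writing the bound directly, for example `d >= 0x1p64`, would show the intent without relying on that rounding detail. The diffstat lists only src/box/sql/mem.c, so a regression test with an INTEGER close to 2^64 would be worth adding to pin the behavior.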
-- 
2.25.1
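
The failure mode described in the commit message, as an added example that is not part of the patch or of Tarantool's code: a lossless uint64_t to double check that rejects the 2^64 case before the round-trip cast. The helper name `uint_to_double_exact` and the sample values are hypothetical and constructed for illustration; round-to-nearest is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical helper (not Tarantool's uint_to_double_precise()): store u in
 * *out and return 0 only if the uint64_t -> double conversion is lossless.
 */
static int
uint_to_double_exact(uint64_t u, double *out)
{
	double d = (double)u;
	/*
	 * Inputs of 2^64 - 1024 and above round up to exactly 2^64, which is
	 * outside the range of uint64_t. Converting that double back is
	 * undefined behavior (C11 6.3.1.4), so reject it before the
	 * round-trip cast below is evaluated.
	 */
	if (d >= 0x1p64)
		return -1;
	/* In range: the cast back is defined, so compare for precision loss. */
	if ((uint64_t)d != u)
		return -1;
	*out = d;
	return 0;
}

int
main(void)
{
	/* Constructed boundary values. */
	const uint64_t samples[] = {
		0, (1ULL << 53), (1ULL << 53) + 1,
		UINT64_MAX - 2047,	/* 2^64 - 2048, exactly representable */
		UINT64_MAX - 1023,	/* 2^64 - 1024, rounds to 2^64 */
		UINT64_MAX,
	};
	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		double d = 0;
		int rc = uint_to_double_exact(samples[i], &d);
		printf("%20llu -> %s\n", (unsigned long long)samples[i],
		       rc == 0 ? "exact" : "rejected");
	}
	return 0;
}
```

Building with `-fsanitize=float-cast-overflow` (Clang or GCC UBSan) flags the out-of-range cast if the range check is removed.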

