Tcl Source Code: View Ticket

2022-10-06
10:23		• Closed ticket [e32a44e2e4]: Tcl_Merge(): signed integer overflow plus 7 other changes artifact: d9507643c5 user: jan.nijtmans
09:06		Fix [e32a44e2e4], [1599352cca], [5ec43cfd9b] and [74cc95b563] check-in: 0e2b23ff84 user: jan.nijtmans tags: core-8-6-branch
2022-10-02
11:28		• Add attachment e32a44e2e49e.diff to ticket [e32a44e2e4] artifact: 4889a11e21 user: chrstphrchvz
11:26		• New ticket [e32a44e2e4] Tcl_Merge(): signed integer overflow. artifact: a4b175c4b6 user: chrstphrchvz

Ticket UUID:	e32a44e2e49e5fe3a21162db2b2dd915ba8589d5
Title:	Tcl_Merge(): signed integer overflow
Type:	Patch	Version:	core-8-6-branch
Submitter:	chrstphrchvz	Created on:	2022-10-02 11:26:50
Subsystem:	14. List Object	Assigned To:	jan.nijtmans
Priority:	5 Medium	Severity:	Minor
Status:	Closed	Last Modified:	2022-10-06 10:23:32
Resolution:	Fixed	Closed By:	jan.nijtmans
		Closed on:	2022-10-06 10:23:32
Description:	Example script (not much usage of `Tcl_Merge()` in core Tcl): set 1k_spaces [string repeat { } [::tcl::mathop::<< 1 10]] set 1M_spaces [string repeat $1k_spaces [::tcl::mathop::<< 1 10]] set 1G_spaces [string repeat $1M_spaces [::tcl::mathop::<< 1 10]] testpanic $1G_spaces $1G_spaces Output containing UBSan error, which the attached patch avoids: $ ./tcltest script.tcl (some time passes) tcl/generic/tclUtil.c:1596:14: runtime error: signed integer overflow: 1073741826 + 1073741826 cannot be represented in type 'int' max size for a Tcl value (2147483647 bytes) exceeded (tcltest aborts, though before `TestpanicCmd()` can directly call `Tcl_Panic()`.)
User Comments:	jan.nijtmans added on 2022-10-06 10:23:32: Should be fixed [0e2b23ff845b1e1b\|here]

Attachments:

e32a44e2e49e.diff [download] added by chrstphrchvz on 2022-10-02 11:28:30. [details]