From 13eb0640cc58bee1a29c82c1b230137e7ff411c3 Mon Sep 17 00:00:00 2001 From: Michael Forney Date: Thu, 19 May 2022 11:49:06 -0700 Subject: eval: Fix range check of double during conversion to int MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 2⁶⁴-1 and 2⁶³-1 are not representable as double and get rounded to 2⁶⁴ and 2⁶³ respectively, which are outside the range of 64-bit [u]int. This causes undefined behavior when a constant expression is evaluated that involves a conversion of a very large or small value to an integer type. To fix this, change the > to >= and use constants representable as double. --- eval.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/eval.c b/eval.c index 908ce8d..9b6b33c 100644 --- a/eval.c +++ b/eval.c @@ -162,11 +162,11 @@ eval(struct expr *expr, enum evalkind kind) expr->u.constant.f = l->u.constant.u; } else if (l->type->prop & PROPFLOAT && t->prop & PROPINT) { if (t->u.basic.issigned) { - if (l->u.constant.f < -1 - 0x7fffffffffffffff || l->u.constant.f > 0x7fffffffffffffff) + if (l->u.constant.f < -0x1p63 || l->u.constant.f >= 0x1p63) error(&tok.loc, "integer part of floating-point constant %g cannot be represented as signed integer", l->u.constant.f); expr->u.constant.i = l->u.constant.f; } else { - if (l->u.constant.f < 0 || l->u.constant.f > 0xffffffffffffffff) + if (l->u.constant.f < 0.0 || l->u.constant.f >= 0x1p64) error(&tok.loc, "integer part of floating-point constant %g cannot be represented as unsigned integer", l->u.constant.f); expr->u.constant.u = l->u.constant.f; } -- cgit v1.2.3