gcc/libstdc++-v3/src
Patrick Palka c0e355c779 libstdc++: Avoid overflow in bounds checks [PR103955]
We currently crash when the floating-point to_chars overloads are passed
a precision value near INT_MAX, ultimately due to overflow in the bounds
checks that verify the output range is large enough.

The simplest portable fix seems to be to replace bounds checks of the form
A >= B + C (where B + C may overflow) with the otherwise equivalent check
A >= B && A - B >= C, which is the approach this patch takes.

Before we could do this in __floating_to_chars_hex, there we first need
to track the unbounded "excess" precision (i.e. the number of trailing
fractional digits in the output that are guaranteed to be '0') separately
from the bounded "effective" precision (i.e. the number of significant
fractional digits in the output), like we do in __f_t_c_precision.

	PR libstdc++/103955

libstdc++-v3/ChangeLog:

	* src/c++17/floating_to_chars.cc (__floating_to_chars_hex):
	Track the excess precision separately from the effective
	precision.  Avoid overflow in bounds check by splitting it into
	two checks.
	(__floating_to_chars_precision): Avoid overflow in bounds checks
	similarly.
	* testsuite/20_util/to_chars/103955.cc: New test.
2022-01-12 09:10:24 -05:00
..
c++11 libstdc++: Fix and simplify freestanding configuration [PR103866] 2022-01-10 12:18:14 +00:00
c++17 libstdc++: Avoid overflow in bounds checks [PR103955] 2022-01-12 09:10:24 -05:00
c++20 libstdc++: Fix and simplify freestanding configuration [PR103866] 2022-01-10 12:18:14 +00:00
c++98 libstdc++: Add %j, %U, %w, %W time_get support, fix %y, %Y, %C, %p [PR77760] 2022-01-10 15:38:47 +01:00
filesystem libstdc++: Fix and simplify freestanding configuration [PR103866] 2022-01-10 12:18:14 +00:00
shared Update copyright years. 2022-01-03 10:42:10 +01:00
Makefile.am Update copyright years. 2022-01-03 10:42:10 +01:00
Makefile.in libstdc++: Fix and simplify freestanding configuration [PR103866] 2022-01-10 12:18:14 +00:00