Bash printf should diagnose integer overflow

bug-bash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bash printf should diagnose integer overflow

From:	Paul Eggert
Subject:	Bash printf should diagnose integer overflow
Date:	Tue, 12 Mar 2024 12:49:49 -0700
User-agent:	Mozilla Thunderbird

Configuration Information:
Machine: x86_64
OS: linux-gnu
Compiler: gcc
Compilation CFLAGS: -g -O2

uname output: Linux penguin.cs.ucla.edu 6.7.7-200.fc39.x86_64 #1 SMPPREEMPT_DYNAMIC Fri Mar 1 16:53:59 UTC 2024 x86_64 GNU/Linux

Machine Type: x86_64-redhat-linux-gnu

Bash Version: 5.3
Patch Level: 26
Release Status: devel

Description:
        Commands like "printf '%10000000000000000000000000000s' ''"
        silently ignore width and precision.  They should report the
        integer overflow before continuing with a lesser width or
        precision.  (I ran into this bug while using Bash to output
        very long strings of spaces for some test cases.)

Repeat-By:
        printf '%10000000000000000000000000000s' ''

        It prints nothing.  It should print a diagnostic if it
        cannot do the requested operation.

Fix:
        Bash should use C23 <stdckdint.h> to check for integer
        overflow.  Gnulib supplies a replacement stdckdint.h that works
        on pre-C23 platforms; it's been extensively tested in other GNU
        apps and doesn't require much setup.

        The attached patches first add <stdckdint.h> to Bash, then
        replace Bash's by-hand overflow checking (which I think I
        contributed a while ago, if memory serves) with uses of the
        standard C23 macros, and finally fixes printf.  Although there
        are several other integer overflow bugs in Bash I thought
        I'd send these fixes in now.

        These patches use the Gnulib files intprops-internal.h and
        stdckdint.in.h unmodified.  I thought this would be better
        than trying to simplify them to cover just Bash's needs, as
        it will make it easier to sync with Gnulib later. However,
        for simplicity these patches do not use all the Gnulib machinery
        for <stdckdint.h>.

        These patches can be applied to Bash's devel branch (commit
        54f3ed2278025081f897b9bd958fcf099fd5be18 dated Mon Mar 4
        14:59:33 2024 -0500) by using the command "git am".

0001-maint-add-support-for-C23-style-stdckdint.h.patch
Description: Text Data

0002-Coalesce-multiple-PRIdMAX-definitions.patch
Description: Text Data

0003-Fix-problems-with-large-brace-expansions.patch
Description: Text Data

0004-printf-now-diagnoses-width-or-prec-overflow.patch
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

Bash printf should diagnose integer overflow, Paul Eggert <=
- Re: Bash printf should diagnose integer overflow, Chet Ramey, 2024/03/13
  - Re: Bash printf should diagnose integer overflow, Paul Eggert, 2024/03/13
    - Re: Bash printf should diagnose integer overflow, Chet Ramey, 2024/03/18
    - Re: Bash printf should diagnose integer overflow, alex xmb sw ratchev, 2024/03/18
    - Re: Bash printf should diagnose integer overflow, Paul Eggert, 2024/03/18
    - Re: Bash printf should diagnose integer overflow, Chet Ramey, 2024/03/18
    - Re: Bash printf should diagnose integer overflow, Chet Ramey, 2024/03/18
    - Re: Bash printf should diagnose integer overflow, Paul Eggert, 2024/03/19
    - Re: Bash printf should diagnose integer overflow, Chet Ramey, 2024/03/21
    - Re: Bash printf should diagnose integer overflow, Paul Eggert, 2024/03/22

Prev by Date: Re: multi-threaded compiling
Next by Date: Re: multi-threaded compiling
Previous by thread: Examples of concurrent coproc usage?
Next by thread: Re: Bash printf should diagnose integer overflow
Index(es):
- Date
- Thread