GMP: Gracefully handle more overflows.

JuliaLang · Sep 8, 2023 · 8fa7431 · 8fa7431
1 parent 67d600c
commit 8fa7431
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 1 deletion.
diff --git a/deps/gmp.mk b/deps/gmp.mk
@@ -57,7 +57,12 @@ $(SRCCACHE)/gmp-$(GMP_VER)/gmp-CVE-2021-43618.patch-applied: $(SRCCACHE)/gmp-$(G
 		patch -p1 < $(SRCDIR)/patches/gmp-CVE-2021-43618.patch
 	echo 1 > $@
 
-$(SRCCACHE)/gmp-$(GMP_VER)/source-patched: $(SRCCACHE)/gmp-$(GMP_VER)/gmp-CVE-2021-43618.patch-applied
+$(SRCCACHE)/gmp-$(GMP_VER)/gmp-more_alloc_overflow.patch-applied: $(SRCCACHE)/gmp-$(GMP_VER)/gmp-CVE-2021-43618.patch-applied
+	cd $(dir $@) && \
+		patch -p1 < $(SRCDIR)/patches/gmp-more_alloc_overflow.patch
+	echo 1 > $@
+
+$(SRCCACHE)/gmp-$(GMP_VER)/source-patched: $(SRCCACHE)/gmp-$(GMP_VER)/gmp-more_alloc_overflow.patch-applied
 	echo 1 > $@
 
 $(BUILDDIR)/gmp-$(GMP_VER)/build-configured: $(SRCCACHE)/gmp-$(GMP_VER)/source-patched

diff --git a/deps/patches/gmp-more_alloc_overflow.patch b/deps/patches/gmp-more_alloc_overflow.patch
@@ -0,0 +1,37 @@
+diff -ur gmp-6.2.1.orig/mpz/n_pow_ui.c gmp-6.2.1/mpz/n_pow_ui.c
+--- gmp-6.2.1.orig/mpz/n_pow_ui.c	2023-09-08 11:41:16.620551175 +0200
++++ gmp-6.2.1/mpz/n_pow_ui.c	2023-09-08 12:49:29.650492180 +0200
+@@ -220,8 +220,7 @@
+   umul_ppmm (ovfl, rtwos_bits, e, btwos);
+   if (ovfl)
+     {
+-      fprintf (stderr, "gmp: overflow in mpz type\n");
+-      abort ();
++      __GMP_ALLOC_OVERFLOW_FUNC ();
+     }
+
+   rtwos_limbs += rtwos_bits / GMP_NUMB_BITS;
+@@ -382,8 +381,7 @@
+   umul_ppmm (ovfl, ralloc, (bsize*GMP_NUMB_BITS - cnt + GMP_NAIL_BITS), e);
+   if (ovfl)
+     {
+-      fprintf (stderr, "gmp: overflow in mpz type\n");
+-      abort ();
++      __GMP_ALLOC_OVERFLOW_FUNC ();
+     }
+   ralloc = ralloc / GMP_NUMB_BITS + 5;
+
+diff -ur gmp-6.2.1.orig/tal-reent.c gmp-6.2.1/tal-reent.c
+--- gmp-6.2.1.orig/tal-reent.c	2020-11-14 19:45:09.000000000 +0100
++++ gmp-6.2.1/tal-reent.c	2023-09-08 12:10:34.061357613 +0200
+@@ -61,6 +61,11 @@
+
+   total_size = size + HSIZ;
+   p = __GMP_ALLOCATE_FUNC_TYPE (total_size, char);
++  if (!p)
++    {
++      __GMP_ALLOC_OVERFLOW_FUNC ();
++    }
+   P->size = total_size;
+   P->next = *markp;
+   *markp = P;
diff --git a/test/gmp.jl b/test/gmp.jl
@@ -11,6 +11,9 @@ ee = typemax(Int64)
     @test BigInt <: Signed
     @test big(1) isa Signed
 
+    @test_throws OutOfMemoryError big(96608869069402268615522366320733234710)^16374500563449903721
+    @test_throws OutOfMemoryError 555555555555555555555555555555555555555555555555555^55555555555555555
+
     let x = big(1)
         @test signed(x) === x
         @test convert(Signed, x) === x