Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

math/big: panic in big.ParseFloat (off by one access) [1.14 backport] #37501

Closed
gopherbot opened this issue Feb 27, 2020 · 3 comments
Closed

math/big: panic in big.ParseFloat (off by one access) [1.14 backport] #37501

gopherbot opened this issue Feb 27, 2020 · 3 comments
Labels
CherryPickApproved Used during the release process for point releases FrozenDueToAge
Milestone
Go1.14.3

Comments

@gopherbot
Copy link
Contributor

@josharian requested issue #37499 to be considered for backport to the next 1.14 minor release.

@gopherbot please open a backport issue for 1.14 for this regression
@gopherbot gopherbot added the CherryPickCandidate Used during the release process for point releases label Feb 27, 2020
@gopherbot gopherbot mentioned this issue Feb 27, 2020
Closed
@gopherbot gopherbot added this to the Go1.14.1 milestone Feb 27, 2020
@cagedmantis cagedmantis modified the milestones: Go1.14.1, Go1.14.2 Mar 19, 2020
@andybons andybons modified the milestones: Go1.14.2, Go1.14.3 Apr 8, 2020
@gopherbot
Copy link
Contributor Author

Change https://golang.org/cl/227877 mentions this issue: [release-branch.go1.14] math/big: correct off-by-one access in divBasic

@andybons
Copy link
Member

Approved as this is a serious issue with no workaround.

@andybons andybons added the CherryPickApproved Used during the release process for point releases label Apr 27, 2020
@gopherbot gopherbot removed the CherryPickCandidate Used during the release process for point releases label Apr 27, 2020
@gopherbot
Copy link
Contributor Author

Closed by merging cd65852 to release-branch.go1.14.

gopherbot pushed a commit that referenced this issue Apr 27, 2020
@remyoudompheng @andybons
[release-branch.go1.14] math/big: correct off-by-one access in divBasic
cd65852 
The divBasic function computes the quotient of big nats u/v word by word.
It estimates each word qhat by performing a long division (top 2 words of u
divided by top word of v), looks at the next word to correct the estimate,
then perform a full multiplication (qhat*v) to catch any inaccuracy in the
estimate.

In the latter case, "negative" values appear temporarily and carries
must be carefully managed, and the recursive division refactoring
introduced a case where qhat*v has the same length as v, triggering an
out-of-bounds write in the case it happens when computing the top word
of the quotient.

Fixes #37501

Change-Id: I15089da4a4027beda43af497bf6de261eb792f94
Reviewed-on: https://go-review.googlesource.com/c/go/+/221980
Reviewed-by: Robert Griesemer <[email protected]>
(cherry picked from commit ac1fd41)
Reviewed-on: https://go-review.googlesource.com/c/go/+/227877
Run-TryBot: Emmanuel Odeke <[email protected]>
TryBot-Result: Gobot Gobot <[email protected]>
@golang golang locked and limited conversation to collaborators Apr 27, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
CherryPickApproved Used during the release process for point releases FrozenDueToAge
Projects
None yet
Milestone
Go1.14.3
Development

No branches or pull requests
3 participants
@cagedmantis @andybons @gopherbot