integer overflow yields incorrect results and buffer overflow on 64-bit machines

Torbjorn Granlund tg at swox.com
Mon Feb 25 21:24:55 CET 2008


"Patrick Pelissier" <patrick.pelissier at gmail.com> writes:

  >  Unfortunately, changing the _mp_size and _mp_alloc fields to long
  >  cannot be done without breaking compatibility (the size of the type
  >  should not change).
  >
  >  I am pondering some hairy solutions for GMP 5, stealing bits from the
  >  _mp_alloc field for use in the _mp_size field, and letting the
  >  remaining _mp_alloc bits be coded as a little home-brew floating point
  >  number.
  
  Don't forget that gmp.h defines many macro functions which access the
  _mp_size field directly:
  mpz_abs / mpz_fits_uint_p / mpz_get_ui / ...
  
The idea is to make old compiled-in versions of these work as long as
operands are < 2^37 bits.  Greater operands will require recompile.

Do you think that could work?

   You can't avoid breaking binary compatibility for GMP 5, I think.

Maybe, but I'll give it a serious thought.

If I fail, I might keep mpz as it is, with the limitations to about
2^37 bits.  Then compile the same sources for huge operands, with some
alternative function prefix, such as "mpzzz_".

-- 
Torbjörn
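An added illustration, not code from GMP or from this thread: a constructed model of the limit discussed above, assuming 64-bit limbs and an `int`-sized `_mp_size` as in GMP 4. It contrasts a checked limb-count computation with the wrapping 32-bit arithmetic, and shows where the roughly 2^37-bit ceiling comes from. All function names are hypothetical.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define LIMB_BITS 64   /* assumption: 64-bit limbs, as on the 64-bit machines in the subject line */

/* Limbs needed to hold `bits` bits, or -1 when the count does not fit an int _mp_size.
 * The rounding-up is done in 64 bits and guarded so it cannot wrap either. */
static int limbs_for_bits(uint64_t bits) {
    if (bits > UINT64_MAX - (LIMB_BITS - 1))
        return -1;
    uint64_t limbs = (bits + LIMB_BITS - 1) / LIMB_BITS;
    if (limbs > (uint64_t)INT_MAX)
        return -1;
    return (int)limbs;
}

/* True when an operand of `bits` bits is representable with an int-sized limb count:
 * (2^31 - 1) limbs * 64 bits, i.e. just under 2^37 bits, is the last value that fits. */
static int fits_int_size_field(uint64_t bits) {
    return limbs_for_bits(bits) >= 0;
}

/* Bit capacity of |size| limbs, widened to 64 bits before multiplying so it never wraps.
 * A negative size means a negative number in the mpz sign convention. */
static uint64_t bits_for_limbs(int size) {
    uint64_t mag = size < 0 ? (uint64_t)(-(int64_t)size) : (uint64_t)size;
    return mag * LIMB_BITS;
}

/* The same product done in 32 bits, as careless int code would: wraps to 0 at 2^26 limbs.
 * Done in unsigned arithmetic so the demonstration itself has no undefined behaviour. */
static int naive_bits_for_limbs(int size) {
    return (int)((uint32_t)size * (uint32_t)LIMB_BITS);
}

int main(void) {
    uint64_t ceiling = (uint64_t)INT_MAX * LIMB_BITS;
    printf("largest operand with an int limb count: %llu bits (2^37 = %llu)\n",
           (unsigned long long)ceiling, (unsigned long long)(1ULL << 37));
    printf("2^26 limbs: checked %llu bits, 32-bit arithmetic gives %d\n",
           (unsigned long long)bits_for_limbs(1 << 26), naive_bits_for_limbs(1 << 26));
    return 0;
}
```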

