integer overflow yields incorrect results and buffer overflow on 64-bit machines

Vincent Lefevre vincent at
Thu Feb 28 10:30:01 CET 2008

On 2008-02-27 18:19:39 +0100, Torbjorn Granlund wrote:
> What do you think of this change?

Seems OK.

> I am not sure this will catch all cases for things like mpz_mul_2exp,

I don't think there's a possible overflow in mpz_mul_2exp, because
of the division by GMP_NUMB_BITS and because abs_usize fits on 31

> mpz_ui_pow_ui, and mpz_pow_ui, where the allocation calculations
> might overflow before mpz_realloc is reached.

However there's a possible overflow in n_pow_ui.c.

Vincent Lefèvre <vincent at> - Web: <>
100% accessible validated (X)HTML - Blog: <>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)

More information about the gmp-bugs mailing list