Problems with mpz_set_str and huge strings
Stefan Krah
stefan-usenet at bytereef.org
Mon Jul 6 23:58:05 CEST 2009
Torbjorn Granlund <tg at gmplib.org> wrote:
> > I think your operands should be made to work, since they actually can be
> > made to fit into memory.
>
> It appears to be an overflow in mpz/set_str.c, where xsize is ultimately
> negative (printf inserted by me):
>
> Breakpoint 3, __gmpz_set_str (x=0xffe034ec, str=0xf7d6d2c2 "", base=10) at set_str.c:126
> 126 printf("str_size: %u __mp_bases[]: %f numb_bits+2: %d\n",
> (gdb) n
> str_size: 677741241 __mp_bases[]: 0.301030 numb_bits+2: 34
> 129 xsize = (((mp_size_t) (str_size / __mp_bases[base].chars_per_bit_exactly))
> (gdb) p 677741241 / 0.301030
> $1 = 2251407637.1125803
> (gdb) p (long) (677741241 / 0.301030)
> $2 = -2043559659
> (gdb) n
> 131 MPZ_REALLOC (x, xsize);
> (gdb) p xsize
> $3 = -67108862
>
> Thanks! I changed the code there, and in 3 more places with similar
> code. The new code should not overflow, I think.
>
> The code is available here: http://shell.gmplib.org:8000/gmp-4.3/
Great! I tested it and it works fine.
Stefan Krah
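
The overflow seen in the gdb session above, as an added example that is not part of the original message and is neither GMP's code nor the fix mentioned in the thread. It models the limb-count estimate with the values printed in the session (constant 0.301030, 32-bit limbs) next to a range-checked variant. The function names, the 64-bit length type, and the INT32_MIN result of the out-of-range conversion (undefined in C, modelled explicitly here because it reproduces the xsize shown above) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define NUMB_BITS 32                    /* limb width on the build in the session */
#define CHARS_PER_BIT_BASE10 0.301030   /* value printed for base 10 in the session */

/* Model of the estimate before the fix: the quotient is converted to a
 * 32-bit signed size first, then divided by the limb width.
 * Converting a double >= 2^31 to int32_t is undefined behaviour in C.
 * Assumption: the conversion yields INT32_MIN, which matches the
 * xsize = -67108862 in the session; it is written out explicitly here
 * so this example itself has defined behaviour. */
static int32_t limbs_unchecked_model(uint64_t str_size)
{
    double bits = (double) str_size / CHARS_PER_BIT_BASE10;
    int32_t truncated = (bits >= 2147483648.0) ? INT32_MIN : (int32_t) bits;
    return truncated / NUMB_BITS + 2;
}

/* Checked variant: finish the arithmetic in double, compare against the
 * largest representable limb count, and only then convert.
 * Returns 0 and stores the count in *out, or -1 if it does not fit. */
static int limbs_checked(uint64_t str_size, int32_t *out)
{
    double limbs = (double) str_size / CHARS_PER_BIT_BASE10 / NUMB_BITS + 2;
    if (limbs > (double) INT32_MAX)
        return -1;                      /* caller must refuse the input */
    *out = (int32_t) limbs;
    return 0;
}

int main(void)
{
    uint64_t str_size = 677741241;      /* string length from the session */
    int32_t limbs = 0;

    printf("unchecked model: %d\n", limbs_unchecked_model(str_size));
    if (limbs_checked(str_size, &limbs) == 0)
        printf("checked:         %d\n", limbs);
    return 0;
}
```

A negative limb count passed on to the reallocation step is the failure the session shows; the checked variant either returns a positive count that fits or reports that the input is too large.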