mini-gmp mpz_out_str dereferences null pointer with out-of-range base
Paul Eggert
eggert at cs.ucla.edu
Thu Jul 9 19:34:51 UTC 2020
The mpz_out_str implementation in mini-gmp.c computes strlen (NULL) if its base
argument is out of range. This causes GCC 10.1 -fanalyzer to complain:
mini-gmp.c:4428:9: error: use of NULL 'str' where non-null expected [CWE-690]
[-Wanalyzer-null-argument]
Proposed patch attached. This patch also fixes an unrelated double-negative in a
comment that confused me on first reading.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: mini-gmp.diff
Type: text/x-patch
Size: 750 bytes
Desc: not available
URL: <https://gmplib.org/list-archives/gmp-bugs/attachments/20200709/afef6b1d/attachment.bin>
More information about the gmp-bugs
mailing list