Uninitialized memory bug found in /mpn/generic/mod_1_1.c
Brett Kuntz
kuntz at shaw.ca
Thu Aug 31 19:36:42 CEST 2023
> Looking at mpn/generic/mod_1_1.c,
> if MOD_1_1P_METHOD == 1, the value[2] in the array is always set and always used;
> if MOD_1_1P_METHOD == 2, the value[2] is set only if cnt!=0, and it is used only if cnt!=0.
> There are also some assembler code implementations, each one with its couple of functions.
I concluded the same just now.
-Brett Kuntz
From: "marco bodrato" <marco.bodrato at tutanota.com>
To: "Vincent Lefevre" <vincent at vinc17.net>
Cc: "Brett Kuntz" <kuntz at shaw.ca>, gmp-bugs at gmplib.org
Sent: Thursday, August 31, 2023 12:33:46 PM
Subject: Re: Uninitialized memory bug found in /mpn/generic/mod_1_1.c
Ciao,
31 ago 2023, 18:06 da vincent at vinc17.net:
I don't think that this is sufficient for the test.
The code Brett mentioned is for MOD_1_1P_METHOD = 2.
The code Brett mentioned is mixed, I fear.
Looking at mpn/generic/mod_1_1.c,
if MOD_1_1P_METHOD == 1, the value[2] in the array is always set and always used;
if MOD_1_1P_METHOD == 2, the value[2] is set only if cnt!=0, and it is used only if cnt!=0.
There are also some assembler code implementations, each one with its couple of functions.
BQ_BEGIN
So, in mpn/generic/mod_1_1.c, I also changed
# define MOD_1_1P_METHOD 1 /* need to make sure this is 2 for asm testing */
BQ_END
Not enough, MOD_1_1P_METHOD may be defined by gmp-mparam.h
One should also check how MOD_1N_TO_MOD_1_1_THRESHOLD interact with the tests.
BQ_BEGIN
ASSERT (bmodb[2] != -1);
BQ_END
BQ_BEGIN
But even with that, I don't get any failure.
BQ_END
Actually it is possible to trigger this, if you put it in the wrong place, I mean, outside the branch actually using the value... but it is not interesting.
Ĝis,
Marco
More information about the gmp-bugs
mailing list