From 4bc33d64de9bb2c1cd96240337ba8486300759da Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Thu, 1 Jun 2017 16:16:34 -0300 Subject: avoid overflows in computation of step size --- lgc.c | 6 ++++-- llimits.h | 9 ++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/lgc.c b/lgc.c index 4600c435..fa6cf799 100644 --- a/lgc.c +++ b/lgc.c @@ -1,5 +1,5 @@ /* -** $Id: lgc.c,v 2.228 2017/05/04 13:32:01 roberto Exp roberto $ +** $Id: lgc.c,v 2.229 2017/05/26 19:14:29 roberto Exp roberto $ ** Garbage Collector ** See Copyright Notice in lua.h */ @@ -1486,7 +1486,9 @@ void luaC_runtilstate (lua_State *L, int statesmask) { static void incstep (lua_State *L, global_State *g) { int stepmul = (g->gcstepmul | 1); /* avoid division by 0 */ l_mem debt = (g->GCdebt / WORK2MEM) * stepmul; - l_mem stepsize = cast(l_mem, 1) << g->gcstepsize; + l_mem stepsize = (g->gcstepsize <= log2maxs(l_mem)) + ? cast(l_mem, 1) << g->gcstepsize + : MAX_LMEM; stepsize = -((stepsize / WORK2MEM) * stepmul); do { /* repeat until pause or enough "credit" (negative debt) */ lu_mem work = singlestep(L); /* perform one single step */ diff --git a/llimits.h b/llimits.h index 14940550..909aba3b 100644 --- a/llimits.h +++ b/llimits.h @@ -1,5 +1,5 @@ /* -** $Id: llimits.h,v 1.141 2015/11/19 19:16:22 roberto Exp roberto $ +** $Id: llimits.h,v 1.142 2017/04/24 18:06:12 roberto Exp roberto $ ** Limits, basic types, and some other 'installation-dependent' definitions ** See Copyright Notice in lua.h */ @@ -51,6 +51,13 @@ typedef unsigned char lu_byte; #define MAX_INT INT_MAX /* maximum value of an int */ +/* +** floor of the log2 of the maximum signed value for integral type 't'. +** (That is, maximum 'n' such that '2^n' fits in the given signed type.) +*/ +#define log2maxs(t) (sizeof(t) * 8 - 2) + + /* ** conversion of pointer to unsigned integer: ** this is for hashing only; there is no problem if the integer -- cgit v1.2.3-55-g6feb