CVS commit: src/common/lib/libc/stdlib

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/common/lib/libc/stdlib
From: "Santhosh Raju" <fox%netbsd.org@localhost>
Date: Sat, 22 Feb 2020 14:47:29 +0000

Module Name:    src
Committed By:   fox
Date:           Sat Feb 22 14:47:29 UTC 2020

Modified Files:
        src/common/lib/libc/stdlib: random.c

Log Message:
common/lib/libc/stdlib: Fix possible signed integer overflow.

common/lib/libc/stdlib/random.c:482:6 can result in signed integer overflow.

This bug was reported by UBSan runs.

The change has been tested using the following program to generate random numbers
in both the old and the new library and can be used to verify the correctness of the
library after the change.

#include <stdio.h>
#include <stdlib.h>

#define COUNT 1000 * 1000

int
main(void)
{
        int i;
        FILE *fp = fopen("numbers.txt", "w");

        srandom(0xdeadbeef);

        for(i = 0; i < COUNT; i++) {
                fprintf(fp, "%ld\n", random());
        }

        fclose(fp);

        return 0;
}

Reviewed by: riastradh@ , kamil@


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/common/lib/libc/stdlib/random.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sbin/modstat
Next by Date: CVS commit: src/sys/arch/alpha/alpha
Previous by Thread: CVS commit: src/sbin/modstat
Next by Thread: CVS commit: src/sys/arch/alpha/alpha
Indexes:

Home | Main Index | Thread Index | Old Index