From: Junio C Hamano <gitster@pobox.com>
To: "Arthur Chan via GitGitGadget" <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>,
Arthur Chan <arthur.chan@adalogics.com>
Subject: Re: [PATCH v3] fuzz: add new oss-fuzz fuzzer for date.c / date.h
Date: Wed, 15 Nov 2023 02:03:19 +0900 [thread overview]
Message-ID: <xmqqv8a4xo6g.fsf@gitster.g> (raw)
In-Reply-To: <pull.1612.v3.git.1699959186146.gitgitgadget@gmail.com> (Arthur Chan via GitGitGadget's message of "Tue, 14 Nov 2023 10:53:05 +0000")
"Arthur Chan via GitGitGadget" <gitgitgadget@gmail.com> writes:
> ++ tmp_data = (int8_t*)data;
> ++ tz = *tmp_data++;
> ++ tz = (tz << 8) | *tmp_data++;
> ++ tz = (tz << 8) | *tmp_data++;
This has a funny skew towards negative number. Any time MSB of the
one of the three bytes is set, tz becomes negative. Worse, a byte
taken from *tmp_data that has its MSB on will _wipe_ what was read
in tz so far, because its higher order bits above 8th bit are sign
extended. If the incoming data is evenly distributed, 7/8 of the
time, you'd end up with a negative number in tz, no?
I think you can and should pick bytes with uint8_t pointer to avoid
sign extending individual bytes and sign extend the resulting number
at the end. Or if it is too cumbersome to do so, using "int16_t tz"
and filling it with two bytes from *data will sign extend itself
when we pass it to show_date() as a parameter of type "int", which
may be the easiest to code, I suspect.
Thanks.
next prev parent reply other threads:[~2023-11-14 17:03 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-11 17:39 [PATCH] fuzz: add new oss-fuzz fuzzer for date.c / date.h Arthur Chan via GitGitGadget
2023-11-12 5:59 ` Junio C Hamano
2023-11-12 12:39 ` Junio C Hamano
2023-11-13 16:22 ` [PATCH v2] " Arthur Chan via GitGitGadget
2023-11-13 18:35 ` Jeff King
2023-11-13 23:27 ` Junio C Hamano
2023-11-13 23:27 ` Junio C Hamano
2023-11-14 10:53 ` [PATCH v3] " Arthur Chan via GitGitGadget
2023-11-14 17:03 ` Junio C Hamano [this message]
2023-11-17 17:47 ` [PATCH v4] " Arthur Chan via GitGitGadget
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqv8a4xo6g.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=arthur.chan@adalogics.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.