Skip to content

py/mpz: Ignore calls to to_bytes with zero length. #14493

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

py/mpz: Ignore calls to to_bytes with zero length. #14493

wants to merge 1 commit into from

Conversation

agatti
Copy link
Contributor

@agatti agatti commented May 16, 2024
edited
Loading

Requesting a zero-sized bytes representation of large integers (using mpz rather than long long) would attempt to sign-extend a zero-bytes buffer with no bounds checking. This PR sidesteps the whole issue by not performing any operation if the requested length is zero, with the same runtime behaviour as smaller integers in the same situation.

For the record, code like int.from_bytes(bytes(range(20)), "big").to_bytes(0, "big") would crash MicroPython with:

#0  __memset_avx2_unaligned_erms ()
    at ../sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S:330
#1  0x000055555557a9c9 in mpz_as_bytes (z=<optimized out>, 
    big_endian=big_endian@entry=true, len=<optimized out>, len@entry=0, 
    buf=<optimized out>, buf@entry=0x7ffff7a06fe0 "") at ../../py/mpz.c:1631
#2  0x0000555555598eec in mp_obj_int_to_bytes_impl (self_in=<optimized out>, 
    big_endian=big_endian@entry=true, len=len@entry=0, 
    buf=buf@entry=0x7ffff7a06fe0 "") at ../../py/objint_mpz.c:118
#3  0x0000555555598525 in int_to_bytes (n_args=<optimized out>, 
    args=0x7fffffffab78) at ../../py/objint.c:440
[...]

@agatti
py/mpz: Ignore calls to to_bytes with zero length.
3015d2b 
Calling `int.to_bytes` on integers large enough to let MicroPython
switch to mpz for their internal representation, if the length of the
requested byte array is zero the code will try to fill a zero-length
buffer with sign extension bytes and crash.

Signed-off-by: Alessandro Gatti <a.gatti@frob.it>
@codecov Codecov
Copy link

codecov bot commented May 16, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.39%. Comparing base (cfd5a8e) to head (3015d2b).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #14493   +/-   ##
=======================================
  Coverage   98.39%   98.39%           
=======================================
  Files         161      161           
  Lines       21204    21205    +1     
=======================================
+ Hits        20864    20865    +1     
  Misses        340      340

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions GitHub Actions
Copy link

Code size report:

   bare-arm:    +0 +0.000% 
minimal x86:    +0 +0.000% 
   unix x64:    +0 +0.000% standard
      stm32:    +0 +0.000% PYBV10
     mimxrt:    +8 +0.002% TEENSY40
        rp2:    +0 +0.000% RPI_PICO
       samd:    +8 +0.003% ADAFRUIT_ITSYBITSY_M4_EXPRESS

@agatti
Copy link
Contributor Author

agatti commented May 16, 2024

Is thread/thread_gc1 a flaky test? The function I modified shouldn't really impact on the garbage collector's operation (it doesn't allocate any memory at all).

@dpgeorge
Copy link
Member

Is thread/thread_gc1 a flaky test?

Yes, it's flaky. I have rerun it.

@dpgeorge dpgeorge added the py-core Relates to py/ directory in source label May 17, 2024
@agatti
Copy link
Contributor Author

agatti commented May 17, 2024

Sorry, this looks like it is already part of #13087 - I was looking for pending PRs that made changes to py/mpz and I missed that one :(

@agatti agatti closed this May 17, 2024
@projectgus
Copy link
Contributor

@agatti Your patch is a lot smaller, so if the bigger one in 13087 turns out too big then it might be a better pick. 😆

@agatti agatti deleted the mpz-tobytes-null-length-fix branch June 4, 2024 17:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
py-core Relates to py/ directory in source
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@agatti @dpgeorge @projectgus
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy