lib/diglib: fix integer overflow #2735
Looks good to me!
FYI, this is listed among another 100+ similar overflow issues in the CodeQL CI check.
Out of curiosity: I assume you hit upon this as a bug (segfault or similar) running some code, was it difficult to track this down?
An integer overflow can happen whenever two integer values are added, subtracted, or multiplied, right? It is practically impossible to cast the operation to the next larger integer type. One exception in GRASS is, we should use
The error message came from
The issues reported by CodeQL are arithmetic (multiplication) on smaller types whose result is stored to a larger type. This reflects the programmer's expectations, e.g.:

```c
size_t size;
int a, b, c;
size = a * b; // in this case multiplication precedes the (implicit) cast and its result may be overflowed
size = (size_t)a * b; // the cast precedes the multiplication, no problems
c = a * b; // the programmer doesn't expect a larger result, no problems
```

This is why the CodeQL issues only are numbered in the hundreds (and not thousands).
Good to hear. Once I, or someone else, manage to fix those relatively simply fixed CodeQL issues, another potential similar bug to this will be avoided.
* fix integer type for estimating file size, avoid compiler warnings
This PR fixes an integer overflow when writing out spatial index files (sidx) larger than 2GB. With the integer overflow, the resultant file size is underestimated, a wrong size for writing out file offsets is used and the spatial index file becomes unreadable. Other potentially large vector files (coordinates, topology, category index) are not affected.
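The failure described in this PR, together with the cast-before-multiply point from the CodeQL discussion, as an added example in C that is not GRASS code. The function names, the 4-byte and 8-byte offset widths, and the record counts are assumptions constructed for illustration; only the 2 GB threshold comes from the description above.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names and widths for illustration; not GRASS identifiers. */
#define OFFSET_SMALL 4 /* bytes per stored file offset, file fits in 31 bits */
#define OFFSET_LARGE 8 /* bytes per stored file offset, larger files */

/* Size estimate as 32-bit arithmetic produces it. The product is formed in
 * uint32_t so the wraparound is well defined (signed overflow would be
 * undefined behaviour); converting back to int32_t wraps on gcc and clang. */
static int32_t estimate_narrow(int32_t n_records, int32_t record_bytes)
{
    uint32_t wrapped = (uint32_t)n_records * (uint32_t)record_bytes;
    return (int32_t)wrapped;
}

/* Widen one operand first so the multiplication itself is 64-bit.
 * Returns -1 for negative input, which no valid index has. */
static int64_t estimate_wide(int32_t n_records, int32_t record_bytes)
{
    if (n_records < 0 || record_bytes < 0)
        return -1;
    return (int64_t)n_records * record_bytes;
}

/* Pick the on-disk offset width from the estimated size (2 GB threshold). */
static int offset_bytes(int64_t file_size)
{
    return file_size > INT32_MAX ? OFFSET_LARGE : OFFSET_SMALL;
}

int main(void)
{
    /* Constructed sample: 5,000,000 records of 1,000 bytes = 5,000,000,000. */
    int32_t n = 5000000, rec = 1000;
    int32_t narrow = estimate_narrow(n, rec);
    int64_t wide = estimate_wide(n, rec);

    printf("narrow: %ld bytes, %d-byte offsets\n", (long)narrow, offset_bytes(narrow));
    printf("wide:   %lld bytes, %d-byte offsets\n", (long long)wide, offset_bytes(wide));
    return 0;
}
```

The narrow estimate wraps to a plausible positive size, so nothing fails at write time; the file is simply written with offsets too small to address it.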