lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260120185856.3d74efcb@pumpkin>
Date: Tue, 20 Jan 2026 18:58:56 +0000
From: David Laight <david.laight.linux@...il.com>
To: "H. Peter Anvin" <hpa@...or.com>
Cc: David Desobry <david.desobry@...malgen.com>, tglx@...nel.org,
 mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
 x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/lib: Fix num_digits() signed overflow for INT_MIN

On Tue, 20 Jan 2026 08:23:16 -0800
"H. Peter Anvin" <hpa@...or.com> wrote:

> On January 20, 2026 1:42:58 AM PST, David Desobry <david.desobry@...malgen.com> wrote:
> >In num_digits(), the negation of the input value "val = -val"
> >causes undefined behavior when val is INT_MIN, as its absolute
> >value cannot be represented as a signed 32-bit integer.
> >
> >This leads to incorrect results (returning 2 instead of 11).
> >By promoting the value to long long before negation, we ensure
> >the absolute value is correctly handled.
> >
> >Signed-off-by: David Desobry <david.desobry@...malgen.com>
> >---
> > arch/x86/lib/misc.c | 7 ++++---
> > 1 file changed, 4 insertions(+), 3 deletions(-)
> >
> >diff --git a/arch/x86/lib/misc.c b/arch/x86/lib/misc.c
> >index 40b81c338ae5..c975db6ccb9f 100644
> >--- a/arch/x86/lib/misc.c
> >+++ b/arch/x86/lib/misc.c
> >@@ -8,15 +8,16 @@
> >  */
> > int num_digits(int val)
> > {
> >+	long long v = val;
> > 	long long m = 10;
> > 	int d = 1;
> > 
> >-	if (val < 0) {
> >+	if (v < 0) {
> > 		d++;
> >-		val = -val;
> >+		v = -v;
> > 	}
> > 
> >-	while (val >= m) {
> >+	while (v >= m) {
> > 		m *= 10;
> > 		d++;
> > 	}  
> 
> That has got to be the dumbest possible implementation of that task, bug or no bug.

And you really don't want to be doing 64bit maths on a 32bit system.

> A switch statement would be simpler and faster.

I think you mean a chain of if statement - you'd need a lot of them.
But you could have:
	if (val < 0) {
		if (val < -999999999)
			return 11;
		val = -val;
		d++;
	} else {
		if (val > 999999999)
			return 10;
	}
then use whatever scheme looks best.

	David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ