Overflow bug in search functions

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Overflow bug in search functions
From: Dmitry <faramir@...>
Date: Mon, 16 Jul 2018 08:45:32 +0300

I checked a new version 5.3.5 of Lua and found overflow bug in four functions.
The older versions of Lua also contain this error.

Affected functions.
lauxlib.c
int countlevels (lua_State *L)

ltable.c
int unbound_search (Table *t, unsigned int j)
int luaH_getn (Table *t);

ltabllib.c
void auxsort (lua_State *L, TabA *ta, int l, int u)

The bug is very common. This equation leads overflow.
m = (h + l) / 2;

The equation should be rewritten as:
m = l + (h - l) / 2;

https://stackoverflow.com/questions/6735259/calculating-mid-in-binary-search

Follow-Ups:
- Re: Overflow bug in search functions, Pierre Chapuis

Prev by Date: Re: Finding out if a C compiler is installed
Next by Date: Re: Overflow bug in search functions
Previous by thread: Re: Finding out if a C compiler is installed
Next by thread: Re: Overflow bug in search functions
Index(es):
- Date
- Thread