On Tue, Jan 5, 2016 at 3:10 PM, Ted Unangst <[email protected]> wrote:
> it would be simpler to fix the bug than to rewrite the whole program, no?
>
> Index: expr.c
> ===================================================================
> RCS file: /cvs/src/bin/expr/expr.c,v
> retrieving revision 1.23
> diff -u -p -r1.23 expr.c
> --- expr.c 29 Dec 2015 19:06:16 -0000 1.23
> +++ expr.c 5 Jan 2016 20:09:31 -0000

I believe @tedu's patch missed a bounds check within the division and
modulo operators. Here's the behavior I'm seeing on AMD64:

kehaar:expr/ $ obj/expr -2147483648 / -1
-2147483648
kehaar:expr/ $ obj/expr -9223372036854775808 / -1
Floating point exception (core dumped)

Switching INT_MAX to INT64_MAX I get the following:

kehaar:expr/ $ obj/expr -2147483648 / -1
2147483648
kehaar:expr/ $ obj/expr -9223372036854775808 / -1
-9223372036854775808

cheers,
Nathan

Index: expr.c
===================================================================
RCS file: /cvs/src/bin/expr/expr.c,v
retrieving revision 1.24
diff -u -p -r1.24 expr.c
--- expr.c 6 Jan 2016 17:53:14 -0000 1.24
+++ expr.c 14 Nov 2015 13:13:26 -0000
@@ -7,6 +7,7 @@
*/
#include <stdio.h>
+#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h>
@@ -331,10 +332,10 @@ eval4(void)
errx(2, "division by zero");
}
if (op == DIV) {
- if (l->u.i != INT_MIN || r->u.i != -1)
+ if (l->u.i != INT64_MIN || r->u.i != -1)
l->u.i /= r->u.i;
} else {
- if (l->u.i != INT_MIN || r->u.i != -1)
+ if (l->u.i != INT64_MIN || r->u.i != -1)
l->u.i %= r->u.i;
else
l->u.i = 0;
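
Review bot: In the DIV branch, when l->u.i is INT64_MIN and r->u.i is -1 the guard skips the division and there is no else, so l->u.i keeps its value and expr prints -9223372036854775808 as if it were the quotient, while the modulo branch sets 0 explicitly. Consider reporting the case the way the zero divisor is reported just above, for example with an errx(2, ...) overflow message, or add an explicit else with a comment saying the unchanged value is intended. The INT64_MIN constant is also only correct if u.i is declared int64_t; that declaration is not in this hunk, so it is worth confirming the two match.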
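
The two guards from the hunk above, modelled side by side so that both observed behaviours can be reproduced without trapping. This is an added example, not code from expr.c or from either poster; the helper names are hypothetical and the operands are assumed to be int64_t.

```c
#include <inttypes.h>
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Guard on the '-' lines: a 64-bit operand compared with 32-bit INT_MIN. */
static bool old_guard(int64_t l, int64_t r) { return l != INT_MIN || r != -1; }

/* Guard on the '+' lines. */
static bool new_guard(int64_t l, int64_t r) { return l != INT64_MIN || r != -1; }

/* Model of the DIV branch (hypothetical helper). Sets *would_trap when the
 * guard lets INT64_MIN / -1 through, instead of executing the division. */
static int64_t div_branch(bool (*guard)(int64_t, int64_t),
    int64_t l, int64_t r, bool *would_trap)
{
	*would_trap = guard(l, r) && l == INT64_MIN && r == -1;
	if (guard(l, r) && !*would_trap)
		l /= r;
	return l;	/* unchanged when the guard skipped the division */
}

enum div_status { DIV_OK, DIV_BY_ZERO, DIV_OVERFLOW };

/* Variant that reports the overflow rather than returning l unchanged. */
static enum div_status checked_div(int64_t l, int64_t r, int64_t *out)
{
	if (r == 0)
		return DIV_BY_ZERO;
	if (l == INT64_MIN && r == -1)
		return DIV_OVERFLOW;
	*out = l / r;
	return DIV_OK;
}

int main(void)
{
	int64_t in[] = { -2147483648LL, INT64_MIN };	/* operands from the mail */
	bool trap;

	for (int i = 0; i < 2; i++) {
		int64_t o = div_branch(old_guard, in[i], -1, &trap);
		printf("old: %" PRId64 " / -1 -> %" PRId64 "%s\n", in[i], o,
		    trap ? " (would trap)" : "");
		int64_t n = div_branch(new_guard, in[i], -1, &trap);
		printf("new: %" PRId64 " / -1 -> %" PRId64 "\n", in[i], n);
	}
	return 0;
}
```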