|Anonymous | Login||2020-07-13 13:54 UTC|
|My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0000964||OMNeT++||simulation kernel||public||2016-07-15 08:57||2016-07-15 08:57|
|Platform||x86_64||OS||Ubuntu||OS Version||16.04 (xenial)|
|Target Version||Fixed in Version|
|Summary||0000964: Integer saturation in chistogram.cc when when input value range is very large|
|Description||When working with a custom PER calculation model, I found a bug within chistogram::setupRangeInteger (chistogram.cc line 333). The calculated PER value would exceed 1.0 by far, which would cause an integer overflow when calculating cellSize for non-fixed ranges. With a maximum recorded value of 2,32e+291 (long)ceil(rangeMax - rangeMin/200.0) would result in a negative value for numCels (0x8000000000000000), since (long) and not (unsigned long) is used.|
This causes an error in cHistogram::transform() (chistogram.cc line 129):
cellv = new unsigned[numCells];
which results in: std::bad_array_new_length.
Changing the lines to cast to unsigned long instead, does not generate a negative value for numCells, but still results in std::bad_array_new_length. It seems as in this case some other limit is active.
It seems that a maximum or minimum check before the creation of the new array should be introduced avoiding the array creation failure.
|Steps To Reproduce||- Use histogram in integer mode|
- record very large value
|Tags||No tags attached.|
|2016-07-15 08:57||pfefferk||New Issue|
|Copyright © 2000 - 2020 MantisBT Team|