Re: Motion 46: finalise interval literals, amendments
John,
> "Supplying a long rational number to an IEEE-1788 interval package can cause buffer overflow, allowing arbitrary code execution"
Ok. OutOfMemory failure is bad.
So the implementation may choose the soft failure that is described in 11.11.8.
If the implementation can't compute pl/ql and pu/qu exactly in the interval literal [pl/ql, pu/qu],
then it returns a wider interval that surely contains pl/ql and pu/qu.
If correct rounding of p/q is not required,
computing a valid enclosure of p/q doesn't require
storing all digits of p and q in memory.
-Dima
----- Original Message -----
From: j.d.pryce@xxxxxxxxxx
To: dmitry.nadezhin@xxxxxxxxxx
Cc: stds-1788@xxxxxxxxxxxxxxxxx
Sent: Wednesday, 10 July 2013 11:55:08 GMT +04:00 Abu Dhabi, Muscat
Subject: Re: Motion 46: finalise interval literals, amendments
On 10 Jul 2013, at 05:37, Dmitry Nadezhin wrote:
>> the literals may be read from an unseekable stream.
> ...
> In practice p and q are of reasonable size.
> I imagine only how a hacker supplies long digit sequences as a DoS attack.
> An implementation may fail if it can't store input stream in memory
> reporting OutOfMemory error.
> I don't think that the standard should specify this.
Hmm. Am I right that this p/q feature is the ONLY place in the standard that specifies data structures of unbounded size? (Arrays, etc., are of unbounded size but are language responsibility, not ours.)
Should we be extra careful here? I don't want to see a security update in the future saying "Supplying a long rational number to an IEEE-1788 interval package can cause buffer overflow, allowing arbitrary code execution".
JohnP
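The bounded-memory enclosure Dima describes, as an added example that is not code from this thread or from any IEEE-1788 implementation: the reader keeps only a fixed number of leading digits of p and q, merely counts the rest, and returns an outward-rounded interval that surely contains p/q, so an arbitrarily long literal costs constant memory rather than an OutOfMemory failure. MAX_DIGITS, the exponent range, the helper names and the literal form [pl/ql,pu/qu] without spaces are assumptions.

```python
from decimal import Context, Decimal, DivisionByZero, InvalidOperation, ROUND_CEILING, ROUND_FLOOR
# Assumptions (not from the thread): 20 stored digits per integer, exponent range
# +/-10**8; Overflow/Underflow are not trapped, so results saturate outward (Inf/0).
MAX_DIGITS = 20
_TRAPS = [DivisionByZero, InvalidOperation]
DOWN = Context(prec=MAX_DIGITS, rounding=ROUND_FLOOR, Emax=10**8, Emin=-10**8, traps=_TRAPS)
UP = Context(prec=MAX_DIGITS, rounding=ROUND_CEILING, Emax=10**8, Emin=-10**8, traps=_TRAPS)

def _read_digits(chars):
    """Read one nonnegative integer from a char iterator. Only the first
    MAX_DIGITS digits are stored; later digits are counted, never stored, so
    memory is bounded. Returns (lo, hi, next_char) with lo <= value <= hi."""
    kept, dropped, seen, nxt = 0, 0, 0, None
    for ch in chars:
        if ch not in "0123456789":
            nxt = ch
            break
        if seen < MAX_DIGITS:
            kept = kept * 10 + int(ch)
        else:
            dropped += 1
        seen += 1
    if seen == 0:
        raise ValueError("digits expected")
    lo = Decimal(kept).scaleb(dropped, DOWN)  # kept * 10**dropped <= value
    hi = lo if not dropped else Decimal(kept + 1).scaleb(dropped, UP)  # >= value
    return lo, hi, nxt

def _enclose(chars, stop):
    """Enclosure [lo, hi] of p/q for the text 'p/q' followed by `stop` (None = end)."""
    p_lo, p_hi, sep = _read_digits(chars)
    if sep != "/":
        raise ValueError("expected '/'")
    q_lo, q_hi, end = _read_digits(chars)
    if end != stop or q_hi == 0:  # q_hi == 0 only when q is exactly zero
        raise ValueError("malformed rational")
    # Smallest p over largest q bounds below, largest p over smallest q bounds
    # above; each division is rounded outward by its context (soft failure).
    lo = DOWN.divide(p_lo, q_hi)
    hi = UP.divide(p_hi, q_lo) if q_lo else Decimal("Infinity")
    return lo, hi

def parse_interval_literal(text):
    """'[pl/ql,pu/qu]' -> (lower bound of pl/ql, upper bound of pu/qu)."""
    chars = iter(text)
    if next(chars, None) != "[":
        raise ValueError("expected '['")
    lo, _ = _enclose(chars, ",")
    _, hi = _enclose(chars, "]")
    return lo, hi
```

Because the functions consume a character iterator, the same code reads from an unseekable stream (for example a file object iterated character by character) without buffering the literal.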