Fix infinite loop with bad section ends in TastyHeaderUnpickler#25676
Open
SolalPirelli wants to merge 8 commits intoscala:mainfrom
Open
Fix infinite loop with bad section ends in TastyHeaderUnpickler#25676SolalPirelli wants to merge 8 commits intoscala:mainfrom
SolalPirelli wants to merge 8 commits intoscala:mainfrom
Conversation
SolalPirelli
commented
Apr 1, 2026
| val fileExperimental = readNat() | ||
| val toolingVersion = { | ||
| val length = readNat() | ||
| val length = readNonnegNat() |
Contributor
Author
There was a problem hiding this comment.
this one wasn't part of the original problem but seems like it needs fixing as well
mbovel
previously approved these changes
Apr 1, 2026
SolalPirelli
commented
Apr 2, 2026
| else if (tag >= firstNatASTTreeTag) { readNat(); skipTree() } | ||
| else if (tag >= firstASTTreeTag) skipTree() | ||
| else if (tag >= firstNatTreeTag) readNat() | ||
| else if (tag >= firstNatTreeTag) readLongInt() |
Contributor
Author
There was a problem hiding this comment.
these two calls used to be equivalent because we didn't check that it was really a nat or really not a long
sjrd
requested changes
Apr 2, 2026
|
|
||
| /** Read a natural number fitting in a Long in big endian format, base 128. | ||
| * All but the last digits have bit 0x80 set. | ||
| /** Read a 63-bit natural (nonnegative) number in 2's complement big endian format, base 128, stored as octets. |
Member
There was a problem hiding this comment.
Suggested change
| /** Read a 63-bit natural (nonnegative) number in 2's complement big endian format, base 128, stored as octets. | |
| /** Read a 63-bit natural (nonnegative) number in big endian format, base 128, stored as octets. |
It's not 2's complement if it's unsigned. And clearly the implementation does not manipulate the sign.
| throw new UnpickleException(s"Expected a long nat, but read too many bytes (${bp - ogBp})") | ||
| } | ||
| if (x < 0) { | ||
| throw new UnpickleException(s"Expected a nat, got: $x") |
Member
There was a problem hiding this comment.
Since 9*7 = 63, we couldn't possibly have set the sign bit. Make it an assert rather than an UnpickleException?
UnpickleException = the input file is invalid ; AssertionError = whether or not the input file was valid, the unpickler had a bug.
Comment on lines
+77
to
+80
| if (l < Int.MinValue || l > Int.MaxValue) { | ||
| throw new UnpickleException(s"Expected a 32-bit int, got: $l") | ||
| } | ||
| l.toInt |
Member
There was a problem hiding this comment.
Suggested change
| if (l < Int.MinValue || l > Int.MaxValue) { | |
| throw new UnpickleException(s"Expected a 32-bit int, got: $l") | |
| } | |
| l.toInt | |
| val i = l.toInt | |
| if (i.toLong != l) { | |
| throw new UnpickleException(s"Expected a 32-bit int, got: $l") | |
| } | |
| i |
?
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Don't go backward with end of sections.
How much have you relied on LLM-based tools in this contribution?
not
How was the solution tested?
new test