-
Laszlo Ersek authored
OCaml's fixed-width integers only come in signed flavor (int32, int64). Because of this, we currently map C's uint32_t and uint64_t types to OCaml's int32 and int64 types, respectively. Unfortunately, this can be considered a security bug: when the most significant bit of a C-language uint32_t or uint64_t value is set, it is reinterpreted (in two's complement representation) as a negative value in OCaml. This can cause various issues; it can for example make OCaml loops that should be strictly progressing go backwards (and run infinitely). Try to mitigate this issue at least for uint32_t: widen it to OCaml's int64 type. In the inverse direction (i.e., narrowing int64 to uint32_t), raise an OCaml Invalid_argument exception upon a range error. Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2040610 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20220114133833.24835-1-lersek@redhat.com> Reviewed-by: Richard W.M. Jones <rjones@redhat.com>