Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integer overflow from swc_ecma_parser crate #10893

Closed
mustakimur opened this issue Jun 8, 2021 · 1 comment · Fixed by #10959
Closed

Integer overflow from swc_ecma_parser crate #10893

mustakimur opened this issue Jun 8, 2021 · 1 comment · Fixed by #10959
Labels
bug Something isn't working correctly swc related to swc (bundling/transpiling)

Comments

@mustakimur
Copy link

Here is the input that causes the integer overflow:

00000020000000000000000000000000

The error is showing:

thread 'main' panicked at 'attempt to multiply with overflow', /home/mustakimur/.cargo/registry/src/github.com-1ecc6299db9ec823/swc_ecma_parser-0.54.4/src/lexer/number.rs:405:24

where the backtrace is:

   0:     0x55555b788e10 - std::backtrace_rs::backtrace::libunwind::trace::h63b7a90188ab5fb3
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/../../backtrace/src/backtrace/libunwind.rs:90:5
   1:     0x55555b788e10 - std::backtrace_rs::backtrace::trace_unsynchronized::h80aefbf9b851eca7
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
   2:     0x55555b788e10 - std::sys_common::backtrace::_print_fmt::hbef05ae4237a4d72
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/sys_common/backtrace.rs:67:5
   3:     0x55555b788e10 - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h28abce2fdb9884c2
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/sys_common/backtrace.rs:46:22
   4:     0x55555b7af31f - core::fmt::write::h3b84512577ca38a8
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/core/src/fmt/mod.rs:1092:17
   5:     0x55555b780492 - std::io::Write::write_fmt::h465f8feea02e2aa1
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/io/mod.rs:1572:15
   6:     0x55555b78b5d5 - std::sys_common::backtrace::_print::h525280ee0d29bdde
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/sys_common/backtrace.rs:49:5
   7:     0x55555b78b5d5 - std::sys_common::backtrace::print::h1f0f5b9f3ef8fb78
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/sys_common/backtrace.rs:36:9
   8:     0x55555b78b5d5 - std::panicking::default_hook::{{closure}}::ha5838f6faa4a5a8f
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/panicking.rs:208:50
   9:     0x55555b78b083 - std::panicking::default_hook::hfb9fe98acb0dcb3b
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/panicking.rs:225:9
  10:     0x55555b78bbfd - std::panicking::rust_panic_with_hook::hb89f5f19036e6af8
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/panicking.rs:591:17
  11:     0x55555b78b757 - std::panicking::begin_panic_handler::{{closure}}::h119e7951427f41da
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/panicking.rs:495:13
  12:     0x55555b7892cc - std::sys_common::backtrace::__rust_end_short_backtrace::hce386c44bf47a128
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/sys_common/backtrace.rs:141:18
  13:     0x55555b78b6e9 - rust_begin_unwind
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/std/src/panicking.rs:493:5
  14:     0x555555e6e0a1 - core::panicking::panic_fmt::h2242888e8769cd33
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/core/src/panicking.rs:92:14
  15:     0x555555e6dfed - core::panicking::panic::h10ab123a4b13cc79
                               at /rustc/9bc8c42bb2f19e745a63f3445f1ac248fb015e53/library/core/src/panicking.rs:50:5
  16:     0x5555596b67fb - swc_ecma_parser::lexer::number::digits::Digits::new::hf16177658a965245
                               at /home/mustakimur/.cargo/registry/src/github.com-1ecc6299db9ec823/swc_ecma_parser-0.54.4/src/lexer/number.rs:405:24

The crate code responsible for the integer overflow is:

fn digits(value: u64, radix: u64) -> impl Iterator<Item = u64> + Clone + 'static {
    debug_assert!(radix > 0);

    #[derive(Clone, Copy)]
    struct Digits {
        n: u64,
        divisor: u64,
    }

    impl Digits {
        fn new(n: u64, radix: u64) -> Self {
            let mut divisor = 1;
            while n >= divisor * radix {  // this line is causing integer overflow
                divisor *= radix;
            }

            Digits { n, divisor }
        }
    }

    ...

    Digits::new(value, radix)
}
@mustakimur mustakimur mentioned this issue Jun 8, 2021
Closed
@lucacasonato lucacasonato added bug Something isn't working correctly swc related to swc (bundling/transpiling) labels Jun 8, 2021
@mustakimur
Copy link
Author

In case, the input file can be found here: https://github.com/mustakimur/crash_report/tree/main/deno/10893

This was referenced Jun 14, 2021
Closed
Merged
magurotuna added a commit to magurotuna/deno that referenced this issue Jun 14, 2021
@magurotuna
chore: upgrade swc_ecmascript
70c5a86 
Fixes denoland#10893, denoland#10954
magurotuna added a commit to magurotuna/deno that referenced this issue Jun 14, 2021
@magurotuna
chore: upgrade swc_ecmascript
cfda315 
Fixes denoland#10893, denoland#10954
Related to denoland/deno_lint#732
magurotuna added a commit to magurotuna/deno that referenced this issue Jun 14, 2021
@magurotuna
chore: upgrade swc_ecmascript
efc49be 
Fixes denoland#10893
Fixes denoland#10954
Related to denoland/deno_lint#732
@magurotuna magurotuna mentioned this issue Jun 14, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working correctly swc related to swc (bundling/transpiling)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: upgrade swc_ecmascript magurotuna/deno
2 participants
@mustakimur @lucacasonato