Nmap Development mailing list archives
Re: [PATCH] timing.cc integer overflow
From: David Fifield <david () bamsoftware com>
Date: Wed, 11 Feb 2009 10:52:36 -0700
On Mon, Feb 09, 2009 at 03:03:06PM -0700, David Fifield wrote:
On Mon, Feb 09, 2009 at 08:19:06PM +0100, Henri Doreau wrote:Thanks, I have committed this patch. However I think there's still some work to do. The member function ScanProgressMeter::printStatsIfNecessary does some of the same calculations as ScanProgressMeter::printStats, and it still does them with longs. I don't know what the effect would be, but it could cause the stats not to be printed when they should be, or vice versa. Can you look at that function and do the calculations in the same way, or (even better) remove the duplicated code into a separate function?I have added a (public) method: ScanProgressMeter::estimateTimeLeft that returns a double. It "factorizes" the duplicated code for both ScanProgressMeter::printStatsIfNecessary and ScanProgressMeter::printStats. So the patch contains a modified version of ScanProgressMeter::printStatsIfNecessary, and the same way, ScanProgressMeter::mayBePrinted was changed to compute things in seconds only.The patch looks reasonable but I'm still checking it out. Can you elaborate on this comment about the ABS macro? - prev_est_time_left_ms = TIMEVAL_MSEC_SUBTRACT(last_est, *now); - change_abs_ms = ABS(prev_est_time_left_ms - time_left_ms); - if (prev_est_time_left_ms <= 0) + prev_est_time_left_s = difftime(last_est.tv_sec, now->tv_sec); + + /* the ABS() macro produces strange results with doubles */ + if ((change_abs_s = prev_est_time_left_s - time_left_s) < 0) + change_abs_s *= -1; + + if (prev_est_time_left_s <= 0) The reason I ask is that ABS seems to be broken with any data type. It's defined in nbase/nbase.h as #define ABS(x) (((x) >= 0)?(x):(-x)) but it should be #define ABS(x) (((x) >= 0)?(x):-(x)) Running the ABS line in timing.cc through the preprocessor gives change_abs_ms = (((prev_est_time_left_ms - time_left_ms) >= 0)?(prev_est_time_left_ms - time_left_ms):(-prev_est_time_left_ms - time_left_ms)); which will have a negative value whenever prev_est_time_left_ms < time_left_ms and both are positive.
I corrected that in r12085. I added some debugging code and it clearly was giving wrong results sometimes. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH] timing.cc integer overflow Henri Doreau (Jan 25)
- Re: [PATCH] timing.cc integer overflow David Fifield (Jan 25)
- Re: [PATCH] timing.cc integer overflow Henri Doreau (Jan 26)
- Re: [PATCH] timing.cc integer overflow Henri Doreau (Jan 26)
- Re: [PATCH] timing.cc integer overflow David Fifield (Feb 03)
- Re: [PATCH] timing.cc integer overflow Henri Doreau (Feb 04)
- Re: [PATCH] timing.cc integer overflow David Fifield (Feb 04)
- Re: [PATCH] timing.cc integer overflow Henri Doreau (Feb 09)
- Re: [PATCH] timing.cc integer overflow David Fifield (Feb 09)
- Re: [PATCH] timing.cc integer overflow David Fifield (Feb 11)
- Re: [PATCH] timing.cc integer overflow David Fifield (Feb 11)
- Re: [PATCH] timing.cc integer overflow Henri Doreau (Jan 26)
- Re: [PATCH] timing.cc integer overflow David Fifield (Jan 25)