Merge pull request #11188 from lf-/jade/kill-int-overflow

Ban integer overflow in the Nix language
2025-07-08 19:23:54 +02:00 · 2024-08-11 04:24:16 +02:00 · 2024-08-11 04:24:16 +02:00 · 18485d2d53
commit 18485d2d53
parent cfe66dbec3 3cc2e2a0ac
40 changed files with 707 additions and 81 deletions
--- a/tests/functional/lang/eval-fail-fetchTree-negative.err.exp
+++ b/tests/functional/lang/eval-fail-fetchTree-negative.err.exp
@ -0,0 +1,8 @@
+error:
+       … while calling the 'fetchTree' builtin
+         at /pwd/lang/eval-fail-fetchTree-negative.nix:1:1:
+            1| builtins.fetchTree {
+             | ^
+            2|   type = "file";
+
+       error: negative value given for fetchTree attr owner: -1
--- a/tests/functional/lang/eval-fail-fetchTree-negative.nix
+++ b/tests/functional/lang/eval-fail-fetchTree-negative.nix
@ -0,0 +1,5 @@
+builtins.fetchTree {
+  type = "file";
+  url = "file://eval-fail-fetchTree-negative.nix";
+  owner = -1;
+}
--- a/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.err.exp
+++ b/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.err.exp
@ -0,0 +1,14 @@
+error:
+       … while calling the 'seq' builtin
+         at /pwd/lang/eval-fail-flake-ref-to-string-negative-integer.nix:1:16:
+            1| let n = -1; in builtins.seq n (builtins.flakeRefToString {
+             |                ^
+            2|   type  = "github";
+
+       … while calling the 'flakeRefToString' builtin
+         at /pwd/lang/eval-fail-flake-ref-to-string-negative-integer.nix:1:32:
+            1| let n = -1; in builtins.seq n (builtins.flakeRefToString {
+             |                                ^
+            2|   type  = "github";
+
+       error: negative value given for flake ref attr repo: -1
--- a/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.nix
+++ b/tests/functional/lang/eval-fail-flake-ref-to-string-negative-integer.nix
@ -0,0 +1,7 @@
+let n = -1; in builtins.seq n (builtins.flakeRefToString {
+  type  = "github";
+  owner = "NixOS";
+  repo  = n;
+  ref   = "23.05";
+  dir   = "lib";
+})
--- a/tests/functional/lang/eval-fail-fromJSON-overflowing.err.exp
+++ b/tests/functional/lang/eval-fail-fromJSON-overflowing.err.exp
@ -0,0 +1,8 @@
+error:
+       … while calling the 'fromJSON' builtin
+         at /pwd/lang/eval-fail-fromJSON-overflowing.nix:1:1:
+            1| builtins.fromJSON ''{"attr": 18446744073709551615}''
+             | ^
+            2|
+
+       error: unsigned json number 18446744073709551615 outside of Nix integer range
--- a/tests/functional/lang/eval-fail-fromJSON-overflowing.nix
+++ b/tests/functional/lang/eval-fail-fromJSON-overflowing.nix
@ -0,0 +1 @@
+builtins.fromJSON ''{"attr": 18446744073709551615}''
--- a/tests/functional/lang/eval-fail-overflowing-add.err.exp
+++ b/tests/functional/lang/eval-fail-overflowing-add.err.exp
@ -0,0 +1,6 @@
+error: integer overflow in adding 9223372036854775807 + 1
+       at /pwd/lang/eval-fail-overflowing-add.nix:4:8:
+            3|   b = 1;
+            4| in a + b
+             |        ^
+            5|
--- a/tests/functional/lang/eval-fail-overflowing-add.nix
+++ b/tests/functional/lang/eval-fail-overflowing-add.nix
@ -0,0 +1,4 @@
+let
+  a = 9223372036854775807;
+  b = 1;
+in a + b
--- a/tests/functional/lang/eval-fail-overflowing-div.err.exp
+++ b/tests/functional/lang/eval-fail-overflowing-div.err.exp
@ -0,0 +1,23 @@
+error:
+       … while calling the 'seq' builtin
+         at /pwd/lang/eval-fail-overflowing-div.nix:7:4:
+            6|   b = -1;
+            7| in builtins.seq intMin (builtins.seq b (intMin / b))
+             |    ^
+            8|
+
+       … while calling the 'seq' builtin
+         at /pwd/lang/eval-fail-overflowing-div.nix:7:25:
+            6|   b = -1;
+            7| in builtins.seq intMin (builtins.seq b (intMin / b))
+             |                         ^
+            8|
+
+       … while calling the 'div' builtin
+         at /pwd/lang/eval-fail-overflowing-div.nix:7:48:
+            6|   b = -1;
+            7| in builtins.seq intMin (builtins.seq b (intMin / b))
+             |                                                ^
+            8|
+
+       error: integer overflow in dividing -9223372036854775808 / -1
--- a/tests/functional/lang/eval-fail-overflowing-div.nix
+++ b/tests/functional/lang/eval-fail-overflowing-div.nix
@ -0,0 +1,7 @@
+let
+  # lol, this has to be written as an expression like this because negative
+  # numbers use unary negation rather than parsing directly, and 2**63 is out
+  # of range
+  intMin = -9223372036854775807 - 1;
+  b = -1;
+in builtins.seq intMin (builtins.seq b (intMin / b))
--- a/tests/functional/lang/eval-fail-overflowing-mul.err.exp
+++ b/tests/functional/lang/eval-fail-overflowing-mul.err.exp
@ -0,0 +1,16 @@
+error:
+       … while calling the 'mul' builtin
+         at /pwd/lang/eval-fail-overflowing-mul.nix:3:10:
+            2|   a = 4294967297;
+            3| in a * a * a
+             |          ^
+            4|
+
+       … while calling the 'mul' builtin
+         at /pwd/lang/eval-fail-overflowing-mul.nix:3:6:
+            2|   a = 4294967297;
+            3| in a * a * a
+             |      ^
+            4|
+
+       error: integer overflow in multiplying 4294967297 * 4294967297
--- a/tests/functional/lang/eval-fail-overflowing-mul.nix
+++ b/tests/functional/lang/eval-fail-overflowing-mul.nix
@ -0,0 +1,3 @@
+let
+  a = 4294967297;
+in a * a * a
--- a/tests/functional/lang/eval-fail-overflowing-sub.err.exp
+++ b/tests/functional/lang/eval-fail-overflowing-sub.err.exp
@ -0,0 +1,9 @@
+error:
+       … while calling the 'sub' builtin
+         at /pwd/lang/eval-fail-overflowing-sub.nix:4:6:
+            3|   b = 2;
+            4| in a - b
+             |      ^
+            5|
+
+       error: integer overflow in subtracting -9223372036854775807 - 2
--- a/tests/functional/lang/eval-fail-overflowing-sub.nix
+++ b/tests/functional/lang/eval-fail-overflowing-sub.nix
@ -0,0 +1,4 @@
+let
+  a = -9223372036854775807;
+  b = 2;
+in a - b
				`@ -0,0 +1 @@`
				`builtins.fromJSON ''{"attr": 18446744073709551615}''`