[PATCH] Replace deliberate division by zero with raise(SIGFPE).

Xi Wang xi.wang at gmail.com
Sat Jul 14 23:39:10 CEST 2012 

* mpi/mpi-pow.c (gcry_mpi_powm): Replace 1 / msize.
* mpi/mpih-div.c (_gcry_mpih_divrem): Replace 1 / dsize.

1) Division by zero doesn't "provoke a signal" on architectures
   like PowerPC.

2) C compilers like clang will optimize away these divisions, even
   though the code tries "to make the compiler not remove" them.
---
 mpi/mpi-pow.c  |    6 +++++-
 mpi/mpih-div.c |    6 +++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c
index 33bbebe..c1cd3ec 100644
--- a/mpi/mpi-pow.c
+++ b/mpi/mpi-pow.c
@@ -31,6 +31,7 @@
 
 #include "mpi-internal.h"
 #include "longlong.h"
+#include "g10lib.h"
 
 
 /****************
@@ -76,7 +77,10 @@ gcry_mpi_powm (gcry_mpi_t res,
   ep = expo->d;
 
   if (!msize)
-    msize = 1 / msize;	    /* Provoke a signal.  */
+    {
+      raise(SIGFPE);
+      goto leave;
+    }
 
   if (!esize)
     {
diff --git a/mpi/mpih-div.c b/mpi/mpih-div.c
index 224b810..dda53ad 100644
--- a/mpi/mpih-div.c
+++ b/mpi/mpih-div.c
@@ -30,6 +30,7 @@
 #include <stdlib.h>
 #include "mpi-internal.h"
 #include "longlong.h"
+#include "g10lib.h"
 
 #ifndef UMUL_TIME
 #define UMUL_TIME 1
@@ -212,9 +213,8 @@ _gcry_mpih_divrem( mpi_ptr_t qp, mpi_size_t qextra_limbs,
 
     switch(dsize) {
       case 0:
-	/* We are asked to divide by zero, so go ahead and do it!  (To make
-	   the compiler not remove this statement, return the value.)  */
-	return 1 / dsize;
+	raise(SIGFPE);
+	break;
 
       case 1:
 	{
-- 
1.7.9.5

On 7/15/12 4:46 AM, Xi Wang wrote:
> Hi,
> 
> There are two occurrences of intentional division by zero in mpi.
> Division by zero is undefined behavior in C, and it may not work
> as intended.
> 
> 1) Division by zero doesn't "provoke a signal" on architectures
>     like PowerPC.
> 
> 2) C compilers like clang will optimize away these divisions, even
>     though the code tries "to make the compiler not remove" them.
> 
> gcry_mpi_powm() at mpi/mpi-pow.c:78
> 
>    if (!msize)
>      msize = 1 / msize;      /* Provoke a signal.  */
> 
> _gcry_mpih_divrem() at mpi/mpih-div.c:213
> 
>      switch(dsize) {
>        case 0:
>          /* We are asked to divide by zero, so go ahead and do it!  (To make
>             the compiler not remove this statement, return the value.)  */
>          return 1 / dsize;
> 
> How about using something like signal(SIGFPE) instead?
> 
> - xi
>

More information about the Gcrypt-devel mailing list