Skip to content

od: fix overflow panic in --traditional label accumulator#13241

Open
koopatroopa787 wants to merge 1 commit into
uutils:mainfrom
koopatroopa787:fix-od-traditional-label-overflow
Open

od: fix overflow panic in --traditional label accumulator#13241
koopatroopa787 wants to merge 1 commit into
uutils:mainfrom
koopatroopa787:fix-od-traditional-label-overflow

Conversation

@koopatroopa787

Copy link
Copy Markdown
Contributor

Summary

InputOffset::increase_position used plain += / + for the running
byte position and user-supplied --traditional label. In debug builds
(or any build compiled with -C overflow-checks=on) a label near
u64::MAX causes an "attempt to add with overflow" panic on the very
first read:

$ printf '0123456789ABCDEF' | ./target/debug/od --traditional - 0 0xffffffffffffffff
thread 'main' panicked at src/uu/od/src/input_offset.rs:40:31:
attempt to add with overflow

GNU od uses C unsigned long arithmetic, which silently wraps on
overflow. The fix switches both fields to wrapping_add to match that
behaviour and eliminate the panic.

Changes

  • src/uu/od/src/input_offset.rs: increase_position now uses
    wrapping_add for byte_pos and label.
  • Adds test_increase_position_wraps_on_overflow unit test that would
    have panicked before this fix.

Fixes #13225

`InputOffset::increase_position` used plain `+=` / `+` for the running
byte position and user-supplied label, which panics in debug builds (or
any build with `-C overflow-checks=on`) when the label is near
`u64::MAX`. C unsigned arithmetic wraps on overflow, and GNU od silently
wraps in the same situation.

Switch to `wrapping_add` for both fields to match GNU's behaviour and
eliminate the debug-mode panic reported in uutils#13225.

Adds a unit test that exercises the wrap-around path directly.

Fixes uutils#13225
Copilot AI review requested due to automatic review settings July 1, 2026 13:07

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes an overflow panic in od --traditional offset/label accumulation by switching the internal byte position and optional label arithmetic to wrapping semantics, matching GNU od’s unsigned overflow behavior.

Changes:

  • Use wrapping_add for InputOffset::increase_position updates to byte_pos and label.
  • Add a regression unit test to ensure near-u64::MAX labels don’t panic and wrap correctly.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +100 to +104
// A label of u64::MAX must not panic — it wraps, matching C unsigned semantics.
let mut sut = InputOffset::new(Radix::Hexadecimal, 0, Some(u64::MAX));
sut.increase_position(1); // would panic in debug builds before the fix
assert_eq!(sut.label, Some(0));
}
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

GNU testsuite comparison:

Skipping an intermittent issue tests/date/date-locale-hour (passes in this run but fails in the 'main' branch)
Skipping an intermittent issue tests/date/resolution (passes in this run but fails in the 'main' branch)
Note: The gnu test tests/tail/tail-n0f is now being skipped but was previously passing.
Congrats! The gnu test tests/dd/no-allocate is now passing!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants