integer overflow in FUZZ=package_rbf #33981

Issue: maflcko opened this issue on December 1, 2025
  1. maflcko commented at 10:08 am on December 1, 2025: member

    Oss-Fuzz: https://issues.oss-fuzz.com/issues/464820824

    Input: https://github.com/user-attachments/files/23850907/clusterfuzz-testcase-minimized-package_rbf-5766839826448384.bin.not.txt

    Reproduce:

    UBSAN_OPTIONS="suppressions=$(pwd)/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1" FUZZ=package_rbf ./bld-cmake/bin/fuzz -runs=1 /tmp/tmp.hLXaXiiFIP/clusterfuzz-testcase-minimized-package_rbf-5766839826448384.bin.not.txt

    src/util/feefrac.h:128:14: runtime error: signed integer overflow: 2147278440 + 318300 cannot be represented in type 'int32_t' (aka 'int')
    
  2. maflcko added this to the milestone 31.0 on Dec 1, 2025
  3. instagibbs commented at 3:25 pm on December 1, 2025: member
    I believe I diagnosed it and implemented a fix https://github.com/bitcoin/bitcoin/pull/33985
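The sanitizer line in the first comment shows two int32_t operands (2147278440 + 318300) whose sum wraps inside feefrac.h. The following added example is not Bitcoin Core code and does not reproduce the fix in #33985; it uses a constructed fee/size pair (a stand-in, not FeeFrac itself) to show how a checked addition rejects exactly that operand pair, and how aggregating a package through it fails closed instead of wrapping.

```cpp
#include <cstdint>
#include <optional>

// Constructed stand-in for a fee/size pair: fee in satoshis, size in
// virtual bytes. The int32_t width matches the type named in the UBSAN report.
struct FeeSize {
    int64_t fee;
    int32_t size;
};

// Add two pairs, refusing to produce a result whose fee or size does not fit
// its type. std::nullopt signals that the sum would have wrapped.
std::optional<FeeSize> checked_add(const FeeSize& a, const FeeSize& b)
{
    FeeSize out{};
    // __builtin_add_overflow (GCC/Clang) returns true on overflow and is itself
    // well defined, so no UB is triggered while probing the sum.
    if (__builtin_add_overflow(a.fee, b.fee, &out.fee)) return std::nullopt;
    if (__builtin_add_overflow(a.size, b.size, &out.size)) return std::nullopt;
    return out;
}

// Aggregate a package of pairs, bailing out at the first partial sum that
// would overflow rather than carrying a wrapped value forward.
template <typename It>
std::optional<FeeSize> sum_package(It first, It last)
{
    FeeSize acc{0, 0};
    for (; first != last; ++first) {
        auto next = checked_add(acc, *first);
        if (!next) return std::nullopt;
        acc = *next;
    }
    return acc;
}

// The two int32_t operands quoted in the sanitizer report, fed through the
// checked path. Returns true when the overflow is detected, as it should be.
bool reported_operands_overflow()
{
    FeeSize a{0, 2147278440};
    FeeSize b{0, 318300};
    return !checked_add(a, b).has_value();
}
```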



Milestone
31.0


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-12-01 21:13 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me