Hi,
I found a potential integer overflow issue through Kani formal verification.
Location: src/raw.rs:189
Current Code:

```rust
fn bucket_mask_to_capacity(bucket_mask: usize) -> usize {
    if bucket_mask < 8 {
        bucket_mask
    } else {
        ((bucket_mask + 1) / 8) * 7 // Overflow when bucket_mask == usize::MAX!
    }
}
```
Problem:

When `bucket_mask = usize::MAX`:

- `bucket_mask + 1` wraps to 0
- Returns 0 instead of the correct capacity
Suggested Fix:

```rust
fn bucket_mask_to_capacity(bucket_mask: usize) -> usize {
    if bucket_mask < 8 {
        bucket_mask
    } else {
        // Saturate instead of overflowing when bucket_mask == usize::MAX
        bucket_mask.checked_add(1)
            .map(|bm| (bm / 8) * 7)
            .unwrap_or(usize::MAX)
    }
}
```
Could you please confirm if this is a valid concern?
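The reported function, the proposed fix and a Kani harness of the kind that surfaces the overflow, as an added example (not hashbrown's own code; the function names are this example's own). It also adds an overflow-free form that gives the exact quotient at `usize::MAX`, where the saturating fix returns `usize::MAX`.

```rust
// Added example, not code from the hashbrown crate or the issue reporter.

/// The function as reported: `bucket_mask + 1` overflows at `usize::MAX`
/// (panics with overflow checks on, wraps to 0 without them).
pub fn capacity_as_reported(bucket_mask: usize) -> usize {
    if bucket_mask < 8 {
        bucket_mask
    } else {
        ((bucket_mask + 1) / 8) * 7
    }
}

/// The proposed fix: saturate to `usize::MAX` instead of overflowing.
pub fn capacity_saturating(bucket_mask: usize) -> usize {
    if bucket_mask < 8 {
        bucket_mask
    } else {
        bucket_mask.checked_add(1).map(|bm| (bm / 8) * 7).unwrap_or(usize::MAX)
    }
}

/// Overflow-free form of the same quotient: (m + 1) / 8 equals m / 8 + 1
/// exactly when m % 8 == 7, and m / 8 + 1 <= 2^(BITS - 3), so the final
/// multiplication by 7 cannot overflow either.
pub fn capacity_exact(bucket_mask: usize) -> usize {
    if bucket_mask < 8 {
        bucket_mask
    } else {
        (bucket_mask / 8 + usize::from(bucket_mask % 8 == 7)) * 7
    }
}

#[cfg(kani)]
mod verification {
    use super::*;

    // Kani explores every `usize` symbolically and checks arithmetic
    // overflow, so this harness fails on the `+ 1` at `usize::MAX`.
    #[kani::proof]
    fn reported_overflows() {
        let _ = capacity_as_reported(kani::any::<usize>());
    }

    // The replacements never panic and agree with each other below
    // `usize::MAX`; only `capacity_exact` keeps the true quotient there.
    #[kani::proof]
    fn replacements_never_panic() {
        let mask: usize = kani::any();
        kani::assume(mask >= 8);
        assert!(capacity_exact(mask) >= 7);
        if mask != usize::MAX {
            assert_eq!(capacity_saturating(mask), capacity_exact(mask));
        }
    }
}
```

Run the harnesses with `cargo kani`; plain `cargo test` compiles the file without the `kani` module.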