From b47e645c87464ae6cf0d6e7e265e7139133bea73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Zaoral?= Date: Wed, 10 Dec 2025 15:10:01 +0100 Subject: [PATCH] fix use of uninitialized value in sin_cos Resolves: RHEL-44912 --- mpfr-sin_cos-uninit-var.patch | 38 +++++++++++++++++++++++++++++++++++ mpfr.spec | 9 ++++++++- 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 mpfr-sin_cos-uninit-var.patch diff --git a/mpfr-sin_cos-uninit-var.patch b/mpfr-sin_cos-uninit-var.patch new file mode 100644 index 0000000..0a75ec5 --- /dev/null +++ b/mpfr-sin_cos-uninit-var.patch @@ -0,0 +1,38 @@ +From 96295d88fc03795ce6ae03ee2daabf9639fd96cc Mon Sep 17 00:00:00 2001 +From: Paul Zimmermann +Date: Wed, 30 Apr 2025 17:09:57 +0200 +Subject: [PATCH] [sin_cos] fixed uninitialized value and added comments + +(issue reported by Jerry James, +see https://sympa.inria.fr/sympa/arc/mpfr/2025-04/msg00039.html) +--- + src/sin_cos.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/sin_cos.c b/src/sin_cos.c +index af0d87094..5279a4c29 100644 +--- a/src/sin_cos.c ++++ b/src/sin_cos.c +@@ -331,6 +331,9 @@ sin_bs_aux (mpz_t Q0, mpz_t S0, mpz_t C0, mpz_srcptr p, mpfr_prec_t r, + mult[0] = r - pp_s + r0 - p_s; + /* we have x^3 < 1/2^mult[0] */ + ++ /* accu[k] is some bound for the k-th term, more precisely the k-th term ++ is bounded by 1/2^accu[k] */ ++ accu[0] = 0; + for (i = 2, k = 0, prec_i_have = mult[0]; prec_i_have < prec; i += 2) + { + /* i is even here */ +@@ -366,7 +369,8 @@ sin_bs_aux (mpz_t Q0, mpz_t S0, mpz_t C0, mpz_srcptr p, mpfr_prec_t r, + MPFR_MPZ_SIZEINBASE2(mult[k], Q[k]); + mult[k] += 2 * r - size_ptoj[1] - 1; + /* the absolute contribution of the next term is 1/2^accu[k] */ +- accu[k] = (k == 0) ? mult[k] : mult[k] + accu[k-1]; ++ MPFR_ASSERTD(k > 0); ++ accu[k] = mult[k] + accu[k-1]; + prec_i_have = accu[k]; /* the current term is < 1/2^accu[k] */ + j = (i + 2) / 2; + l = 1; +-- +GitLab + diff --git a/mpfr.spec b/mpfr.spec index b455dd6..aa58b15 100644 --- a/mpfr.spec +++ b/mpfr.spec @@ -1,7 +1,7 @@ Summary: C library for multiple-precision floating-point computations Name: mpfr Version: 4.2.1 -Release: 5%{?dist} +Release: 6%{?dist} URL: https://www.mpfr.org/ License: LGPL-3.0-or-later @@ -12,6 +12,10 @@ BuildRequires: texinfo Source0: https://www.mpfr.org/%{name}-%{version}/%{name}-%{version}.tar.xz +# fix use of uninitialized value in sin_cos (RHEL-44912) +# https://gitlab.inria.fr/mpfr/mpfr/-/commit/96295d88fc03795ce6ae03ee2daabf9639fd96cc +Patch: mpfr-sin_cos-uninit-var.patch + # Upstream post-release patches. This currently contains: #Patch0: https://www.mpfr.org/%%{name}-%%{version}/allpatches @@ -95,6 +99,9 @@ export LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{_infodir}/mpfr.info* %changelog +* Wed Dec 10 2025 Lukáš Zaoral - 4.2.1-6 +- fix use of uninitialized value in sin_cos (RHEL-44912) + * Tue Oct 29 2024 Troy Dawson - 4.2.1-5 - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018