From ef0b7b61f6bf045969796af52ac996961ccfd0c8 Mon Sep 17 00:00:00 2001 From: Markus Maiwald Date: Tue, 3 Feb 2026 17:50:08 +0100 Subject: [PATCH] fix: Use wrapping arithmetic in PNG to avoid overflow Use +% for wrapping addition to prevent debug panic on overflow. Cast through u32 for multiplication to avoid u8 overflow. Refs: RFC-0015 --- l0-transport/png.zig | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/l0-transport/png.zig b/l0-transport/png.zig index fcf8999..d4afec1 100644 --- a/l0-transport/png.zig +++ b/l0-transport/png.zig @@ -70,15 +70,20 @@ pub const PngState = struct { const size_dist_val = entropy[0] % 4; const timing_dist_val = entropy[1] % 3; + // Use wrapping arithmetic to avoid overflow panics in debug mode + const size_mean_val = @as(u16, 1200) +% @as(u16, @as(u32, entropy[2]) * 2); + const size_stddev_val = @as(u16, 100) +% @as(u16, entropy[3]); + const epoch_count = @as(u32, 100) +% (@as(u32, entropy[7]) * 4); + return EpochProfile{ .size_distribution = @enumFromInt(@as(u32, size_dist_val)), - .size_mean = @as(u16, 1200) + (@as(u16, entropy[2]) * 2), // 1200-1710 bytes - .size_stddev = 100 + entropy[3], // 100-355 bytes + .size_mean = size_mean_val, + .size_stddev = size_stddev_val, .timing_distribution = @enumFromInt(@as(u32, timing_dist_val)), .timing_lambda = 0.001 + (@as(f64, @floatFromInt(entropy[4])) / 255.0) * 0.019, .dummy_probability = @as(f64, @floatFromInt(entropy[5] % 16)) / 100.0, .dummy_distribution = if (entropy[6] % 2 == 0) .Uniform else .Bursty, - .epoch_packet_count = 100 + (@as(u32, entropy[7]) * 4), // 100-1116 packets + .epoch_packet_count = epoch_count, }; }