Fix signed subtraction overflow in CBigNum::setint64().

As noticed by sipa (Pieter Wuille), this can happen when CBigNum::setint64() is called with an integer value of INT64_MIN (-2^63). When compiled with -ftrapv, the program would crash. Otherwise, it would execute an undefined operation (although in practice, usually the correct one).
12 years ago · 5849bd472a
1 changed files with 9 additions and 1 deletions
--- a/src/bignum.h
+++ b/src/bignum.h
@ -131,7 +131,15 @@ public:
				@@ -131,7 +131,15 @@ public:

        if (sn < (int64)0)
        {
-            n = -sn;
+            // We negate in 2 steps to avoid signed subtraction overflow,
+            // i.e. -(-2^63), which is an undefined operation and causes SIGILL
+            // when compiled with -ftrapv.
+            //
+            // Note that uint64_t n = sn, when sn is an int64_t, is a
+            // well-defined operation and n will be equal to sn + 2^64 when sn
+            // is negative.
+            n = sn;
+            n = -n;
            fNegative = true;
        } else {
            n = sn;