From 2ebe47374fa8cfa95f6ae6a226e124a3fee4fc0c Mon Sep 17 00:00:00 2001
From: Benjamin Bannier <benjamin.bannier@corelight.com>
Date: Thu, 17 Oct 2024 10:38:44 +0200
Subject: [PATCH] Prevent SafeInt from throwing exceptions on bitshift
 overflows.

Closes #1829.
---
 hilti/runtime/include/safe-int.h              | 17 ++++++++++++++-
 .../hilti.types.integer.shift-overflow/output |  2 ++
 tests/hilti/types/integer/shift-overflow.hlt  | 21 +++++++++++++++++++
 3 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 tests/Baseline/hilti.types.integer.shift-overflow/output
 create mode 100644 tests/hilti/types/integer/shift-overflow.hlt

diff --git a/hilti/runtime/include/safe-int.h b/hilti/runtime/include/safe-int.h
index f5e00e3c6..a47765c13 100644
--- a/hilti/runtime/include/safe-int.h
+++ b/hilti/runtime/include/safe-int.h
@@ -1,10 +1,25 @@
 // Copyright (c) 2020-2023 by the Zeek Project. See LICENSE for details.
 
 #pragma once
+#include <algorithm>
+
+#include <hilti/rt/exception.h>
 
 #define SAFEINT_DISABLE_ADDRESS_OPERATOR
+
+// Workaround for https://github.com/zeek/spicy/issues/1829 while is waiting to be merged.
+
+namespace hilti::rt::debug {
+// Forward-declare since `hilti/rt/logging.h` includes this header.
+const char* location();
+} // namespace hilti::rt::debug
+
+#define SAFEINT_REMOVE_NOTHROW
+#define SAFEINT_ASSERT(x)                                                                                              \
+    throw ::hilti::rt::Overflow("overflow detected",                                                                   \
+                                std::max(hilti::rt::debug::location(), static_cast<const char*>("<no location>")))
+
 #include <hilti/rt/3rdparty/SafeInt/SafeInt.hpp>
-#include <hilti/rt/exception.h>
 
 namespace hilti::rt::integer {
 
diff --git a/tests/Baseline/hilti.types.integer.shift-overflow/output b/tests/Baseline/hilti.types.integer.shift-overflow/output
new file mode 100644
index 000000000..893ae087e
--- /dev/null
+++ b/tests/Baseline/hilti.types.integer.shift-overflow/output
@@ -0,0 +1,2 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+uncaught exception hilti::rt::Overflow: overflow detected (<...>/shift-overflow.hlt:12:1-12:33)
diff --git a/tests/hilti/types/integer/shift-overflow.hlt b/tests/hilti/types/integer/shift-overflow.hlt
new file mode 100644
index 000000000..555964b65
--- /dev/null
+++ b/tests/hilti/types/integer/shift-overflow.hlt
@@ -0,0 +1,21 @@
+# @TEST-DOC: Checks that overflows on bitshifts cause exceptions, regression test for #1829.
+#
+# TODO: Revisit this once https://github.com/dcleblanc/SafeInt/pull/64 moved forward.
+#
+# @TEST-EXEC-FAIL: hiltic -dj %INPUT >output 2>&1
+# @TEST-EXEC: btest-diff output
+
+module overflow {
+
+import hilti;
+
+hilti::print(uint8(0) << 8, True);
+hilti::print(uint16(0) << 16, True);
+hilti::print(uint32(0) << 32, True);
+hilti::print(0 << 64, True);
+hilti::print(uint8(0) << 8, True);
+hilti::print(uint16(0) << 16, True);
+hilti::print(uint32(0) << 32, True);
+hilti::print(0 << 64, True);
+
+}