[Bro-Dev] Buggy bro sort() function

Jim Mellander jmellander at lbl.gov
Wed Jan 24 10:04:09 PST 2018


Turns out that a number of other BIFs are not 64-bit safe; rand(), order(),
and to_int() are examples.

Filing a bug report.

On Tue, Jan 23, 2018 at 12:08 PM, Jim Mellander <jmellander at lbl.gov> wrote:

> Hi all:
>
> The attached brogram demonstrates that the bro sort() function does not
> sort correctly under certain circumstances (tested on OS/X & Linux).  The
> behavior also occurs when using the common function idiom of sort(myvec,
> function(a: int, b: int): int { return a-b;});
>
> I haven't examined bro source code, but since some of the test values are
> larger than 32 bits, I surmise that there is a casting from 64 to 32 bits
> that could change the sign of the comparison, thus causing this problem.
>
> Mitigation is to use a function that returns the sign of subtraction
> results, rather than the actual subtraction results, something like
> sort(myvec, function(a: int, b: int): int { return a<b ? -1 : (a>b ? 1 :
> 0);});
>
> Cheers,
>
> Jim Mellander
> ESNet
>
>
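
The failure mode surmised in the message, shown as an added example that is not part of the original post and not taken from Bro's source: a comparator whose 64-bit difference is narrowed to 32 bits, next to the sign-only comparator proposed as the mitigation. The function names and sample values are constructed for illustration, and the narrowing step is an assumption about where the truncation happens.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef int (*cmp_fn)(int64_t, int64_t);

/* Assumed failure mode: the 64-bit difference is narrowed to 32 bits. */
static int cmp_truncated(int64_t a, int64_t b) {
    uint64_t diff = (uint64_t)a - (uint64_t)b;   /* wraps, no signed overflow */
    return (int)(int32_t)(uint32_t)diff;         /* keep only the low 32 bits */
}

/* Mitigation from the message: return only the sign of the comparison. */
static int cmp_sign(int64_t a, int64_t b) {
    return a < b ? -1 : (a > b ? 1 : 0);
}

/* Insertion sort: stays in bounds even when the comparator is inconsistent. */
static void sort_i64(int64_t *v, size_t n, cmp_fn cmp) {
    for (size_t i = 1; i < n; i++) {
        int64_t key = v[i];
        size_t j = i;
        while (j > 0 && cmp(v[j - 1], key) > 0) {
            v[j] = v[j - 1];
            j--;
        }
        v[j] = key;
    }
}

static int is_sorted(const int64_t *v, size_t n) {
    for (size_t i = 1; i < n; i++)
        if (v[i - 1] > v[i]) return 0;
    return 1;
}

/* Sorts a constructed sample with cmp; returns 1 if the result is ascending. */
static int sample_sorts_correctly(cmp_fn cmp) {
    int64_t v[] = { 3000000000LL, 0, 4294967296LL, 7, -2500000000LL };
    size_t n = sizeof v / sizeof v[0];
    sort_i64(v, n, cmp);
    return is_sorted(v, n);
}

int main(void) {
    printf("truncated: %d\n", sample_sorts_correctly(cmp_truncated));
    printf("sign:      %d\n", sample_sorts_correctly(cmp_sign));
    return 0;
}
```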