Merge bitcoin/bitcoin#33007: test: fix ReadTopologicalSet unsigned integer overflow

fanquake · fanquake · commit 11c6a864c9ee · 2025-07-21T12:08:05.000+01:00
31c4e77 test: fix ReadTopologicalSet unsigned integer overflow (ismaelsadeeq) Pull request description: This PR is a simple fix for a potential unsigned integer overflow in ReadTopologicalSet. We obtain the value of `mask` from fuzz input, which can be the maximum representable value. Adding 1 to it would then cause an overflow. The fix skips the addition when the read value is already the maximum. See bitcoin/bitcoin#30605 (comment) for more context ACKs for top commit: maflcko: lgtm ACK 31c4e77 Tree-SHA512: f58d7907f66a0de0ed8d4b1cad6a4971f65925a99f3c030537c21c4d84126b643257c65865242caf7d445b9cbb7a71a1816a9f870ab7520625c4c16cd41979cb
diff --git a/src/test/fuzz/cluster_linearize.cpp b/src/test/fuzz/cluster_linearize.cpp
@@ -304,7 +304,7 @@ SetType ReadTopologicalSet(const DepGraph<SetType>& depgraph, const SetType& tod
     try {
         reader >> VARINT(mask);
     } catch(const std::ios_base::failure&) {}
-    mask += non_empty;
+    if (mask != uint64_t(-1)) mask += non_empty;
 
     SetType ret;
     for (auto i : todo) {
