Comments (13)
Exactly. And node "33024" contributes another 128 to the table size.
It took me days to understand enough.c. It requires mental gymnastics :-)
from cve-2023-4863.
Glad to have the bug fixed by removing an unnecessary searching restriction. It was a logical error.
Now "NotEnough" tool could produce about 100 distinct solutions with table_size=542.
The repo was updated accordingly.
from cve-2023-4863.
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <assert.h>
//#include <malloc.h>
#include <math.h>
#include <string.h>
#include <stdlib.h>
#define MAX_ALLOWED_CODE_LENGTH 15
//copy and paste output of this program into Graphvis
//https://dreampuf.github.io/GraphvizOnline/
void print_tree() {
int num_nodes = 1; // number of Huffman tree nodes
int num_open = 1; // number of open branches in current tree level
uint32_t n = 1;
#if 1
uint32_t count[] = {0, 1, 0, 0, 0, 0, 0, 0, 0, 3, 5, 9, 17, 1, 1, 3}; // size=542 //alphabet = 40, table_size = 414
#else
uint32_t count[] = {0, 1, 1, 1, 1, 0, 1, 1, 0, 15, 5, 9, 1, 1, 1, 2}; //alphabet = 40, table_size = 410
#endif
uint32_t has_leaf_child[65537] = {0};
has_leaf_child[0] = 1;
for (int len = 1; len <= MAX_ALLOWED_CODE_LENGTH; ++len) {
num_open <<= 1;
num_nodes += num_open;
uint32_t leaf_count = count[len];
uint32_t internal_count = num_open - leaf_count;
for(uint32_t i = 0; i < num_open; i++) {
uint32_t node = ((1 << len) - 1) + i;
uint32_t parent = (node-1)/2;
if(i >= internal_count) {
while (node > 0) {
has_leaf_child[node] = 1;
node = (node-1)/2;
}
}
n++;
}
num_open -= leaf_count;
}
num_open = 1;
num_nodes = 1;
n = 1;
printf("digraph BST {\n");
for (int len = 1; len <= MAX_ALLOWED_CODE_LENGTH; ++len) {
num_open <<= 1;
num_nodes += num_open;
uint32_t leaf_count = count[len];
uint32_t internal_count = num_open - leaf_count;
for(uint32_t i = 0; i < num_open; i++) {
uint32_t node = ((1 << len) - 1) + i;
uint32_t parent = (node-1)/2;
if (has_leaf_child[node]) {
printf("\tn%d [label=\"%d\"]\n", node, node);
if(i >= internal_count) {
printf("\tn%d [shape=doublecircle]\n", node);
}
printf("\tn%d -> n%d [label=\"%d\"]\n", parent, node, ((i+1) % 2));
}
n++;
}
num_open -= leaf_count;
}
printf("}\n");
}
int main(int argc, char **argv) {
print_tree();
return 0;
}
from cve-2023-4863.
Awesome!!! I'll be honest I never understood how Mark Adler's enough tool worked :'(
from cve-2023-4863.
A very interesting graph. It seems node "33022" contributes 128 to the table_size.
Follow the chain of parent's
33022->16510->8254->4126->2062->1030->514->256
where node 256 is where the root_bits prefix changes.
from cve-2023-4863.
LiveOverflow just discovered a 542 sized table :O !!!
https://twitter.com/LiveOverflow/status/1737238584917180853
from cve-2023-4863.
There must be a bug in my code. I will figure it out.
Meanwhile, I realized that a big table size does not always lead to big overflow. Trying to figure out this too.
from cve-2023-4863.
no worries mate. The 538 table is good because it can be visualized in tree view and the tree isnt too wide.
from cve-2023-4863.
Actually the 542 table was found by brute forcing the values above the root_bits.
from cve-2023-4863.
Thanks so much :) !!!!
from cve-2023-4863.
Also, how did u prune the tree. I tried this but it doesnt look as nice.
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <assert.h>
#include <malloc.h>
#include <math.h>
#include <string.h>
#include <stdlib.h>
#define MAX_ALLOWED_CODE_LENGTH 15
//copy and paste output of this program into Graphvis
//https://dreampuf.github.io/GraphvizOnline/
void print_tree() {
int num_nodes = 1; // number of Huffman tree nodes
int num_open = 1; // number of open branches in current tree level
uint32_t n = 1;
uint32_t count[] = {0, 1, 0, 0, 0, 0, 0, 0, 0, 3, 5, 9, 17, 1, 1, 3};
uint32_t symbol_count = 0;
for(uint32_t i = 0; i <= MAX_ALLOWED_CODE_LENGTH; i++) {
symbol_count += count[i];
}
uint32_t *leaf_nodes = malloc(sizeof(uint32_t) * symbol_count);
uint32_t total_leaf_count = 0;
for (int len = 1; len <= MAX_ALLOWED_CODE_LENGTH; ++len) {
num_open <<= 1;
num_nodes += num_open;
uint32_t leaf_count = count[len];
uint32_t internal_count = num_open - leaf_count;
for(uint32_t i = 0; i < num_open; i++) {
uint32_t node = ((1 << len) - 1) + i;
if(i >= internal_count) {
leaf_nodes[total_leaf_count++] = node;
}
}
num_open -= leaf_count;
}
assert(total_leaf_count == symbol_count);
//let graphvis handle the duplicate edges
printf("strict digraph BST {\n");
for(uint32_t i = 0; i < total_leaf_count; i++) {
uint32_t node = leaf_nodes[i];
printf("\tn%d [shape=doublecircle]\n", node);
while(node != 0) {
uint32_t parent = (node-1)/2;
printf("\tn%d [label=\"%d\"]\n", node, node);
printf("\tn%d -> n%d [label=\"%d\"]\n", parent, node, ((node+1) % 2));
node = parent;
}
}
printf("}\n");
}
int main(int argc, char **argv) {
print_tree();
return 0;
}
from cve-2023-4863.
hmmm i think i have to iterate in level order :S
from cve-2023-4863.
Thank you :) !!!!
from cve-2023-4863.
Related Issues (1)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cve-2023-4863.