Fix #847: missing range checks in statespace_*.h files

mhucka · mhucka · commit 5cd678753cb4 · 2025-07-30T21:43:27.000-07:00
CodeQL scans flagged lines like 353 in `lib/statespace_avx512.h`, reporting that the use of offset `m` should follow the range check:

```C++
     while (rs[m] &lt; csum &amp;&amp; m &lt; num_samples) {
```

In more detail:

&gt; The program contains an and-expression where the array access is defined before the range check. Consequently the array is accessed without any bounds checking. The range check does not protect the program from segmentation faults caused by attempts to read beyond the end of a buffer.

The same error exists in the following files:

* statespace_basic.h
* statespace_sse.h
* statespace_avx512.h
* statespace_avx.h
diff --git a/lib/statespace_avx.h b/lib/statespace_avx.h
@@ -399,7 +399,7 @@ class StateSpaceAVX :
           double re = p[16 * k + j];
           double im = p[16 * k + 8 + j];
           csum += re * re + im * im;
-          while (rs[m] < csum && m < num_samples) {
+          while (m < num_samples && rs[m] < csum) {
             bitstrings.emplace_back(8 * k + j);
             ++m;
           }
diff --git a/lib/statespace_avx512.h b/lib/statespace_avx512.h
@@ -350,7 +350,7 @@ class StateSpaceAVX512 :
           double re = p[32 * k + j];
           double im = p[32 * k + 16 + j];
           csum += re * re + im * im;
-          while (rs[m] < csum && m < num_samples) {
+          while (m < num_samples && rs[m] < csum) {
             bitstrings.emplace_back(16 * k + j);
             ++m;
           }
diff --git a/lib/statespace_basic.h b/lib/statespace_basic.h
@@ -218,7 +218,7 @@ class StateSpaceBasic :
         double re = p[2 * k];
         double im = p[2 * k + 1];
         csum += re * re + im * im;
-        while (rs[m] < csum && m < num_samples) {
+        while (m < num_samples && rs[m] < csum) {
           bitstrings.emplace_back(k);
           ++m;
         }
diff --git a/lib/statespace_sse.h b/lib/statespace_sse.h
@@ -359,7 +359,7 @@ class StateSpaceSSE :
           double re = p[8 * k + j];
           double im = p[8 * k + 4 + j];
           csum += re * re + im * im;
-          while (rs[m] < csum && m < num_samples) {
+          while (m < num_samples && rs[m] < csum) {
             bitstrings.emplace_back(4 * k + j);
             ++m;
           }

Original file line number	Diff line number	Diff line change
`@@ -399,7 +399,7 @@ class StateSpaceAVX :`
`399`	`399`	`double re = p[16 * k + j];`
`400`	`400`	`double im = p[16 * k + 8 + j];`
`401`	`401`	`csum += re * re + im * im;`
`402`		`- while (rs[m] < csum && m < num_samples) {`
	`402`	`+ while (m < num_samples && rs[m] < csum) {`
`403`	`403`	`bitstrings.emplace_back(8 * k + j);`
`404`	`404`	`++m;`
`405`	`405`	`}`
Original file line number	Diff line number	Diff line change
`@@ -350,7 +350,7 @@ class StateSpaceAVX512 :`
`350`	`350`	`double re = p[32 * k + j];`
`351`	`351`	`double im = p[32 * k + 16 + j];`
`352`	`352`	`csum += re * re + im * im;`
`353`		`- while (rs[m] < csum && m < num_samples) {`
	`353`	`+ while (m < num_samples && rs[m] < csum) {`
`354`	`354`	`bitstrings.emplace_back(16 * k + j);`
`355`	`355`	`++m;`
`356`	`356`	`}`
Original file line number	Diff line number	Diff line change
`@@ -218,7 +218,7 @@ class StateSpaceBasic :`
`218`	`218`	`double re = p[2 * k];`
`219`	`219`	`double im = p[2 * k + 1];`
`220`	`220`	`csum += re * re + im * im;`
`221`		`- while (rs[m] < csum && m < num_samples) {`
	`221`	`+ while (m < num_samples && rs[m] < csum) {`
`222`	`222`	`bitstrings.emplace_back(k);`
`223`	`223`	`++m;`
`224`	`224`	`}`
Original file line number	Diff line number	Diff line change
`@@ -359,7 +359,7 @@ class StateSpaceSSE :`
`359`	`359`	`double re = p[8 * k + j];`
`360`	`360`	`double im = p[8 * k + 4 + j];`
`361`	`361`	`csum += re * re + im * im;`
`362`		`- while (rs[m] < csum && m < num_samples) {`
	`362`	`+ while (m < num_samples && rs[m] < csum) {`
`363`	`363`	`bitstrings.emplace_back(4 * k + j);`
`364`	`364`	`++m;`
`365`	`365`	`}`