[erlang-bugs] Large binaries are truncated by term_to_binary

Daniel Luna <>
Mon Aug 20 21:31:31 CEST 2012


We found an issue with term_to_binary when playing around a bit with
creating large binaries.

Now that machines start having more and more memory this issue might
pop up more often.  The size field is only 32 bits wide and will
apparently wrap if the binary is large enough.  The following examples
crashed in various ways on a machine with 8Gb of memory, and "worked"
(i.e. did not work as intended) on a machine with 16Gb.

The problem boils down to <<>> =:=
binary_to_term(term_to_binary(<<0:(1 bsl 35)>>)), is true.

Cheers,

Daniel


Erlang R15B01 (erts-5.9.1) [source] [64-bit] [smp:6:6]
[async-threads:0] [hipe] [kernel-poll:false]

Eshell V5.9.1  (abort with ^G)
1> term_to_binary(<<0:(1 bsl 0)>>).
<<131,77,0,0,0,1,1,0>>
2> term_to_binary(<<0:(1 bsl 34)>>).
<<131,109,128,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
  0,0,0,0,...>>
3> term_to_binary(<<0:(1 bsl 35)>>).
<<131,109,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
  0,0,0,...>>
4> binary_to_term(term_to_binary(<<0:(1 bsl 35)>>)).
<<>>
5> binary_to_term(term_to_binary(<<0:(1 bsl 35), 0>>)).
<<0>>


More information about the erlang-bugs mailing list