diff options
author | Martin Schwenke <martin@meltin.net> | 2019-07-01 21:28:43 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2019-07-05 01:05:21 +0000 |
commit | 5f7d82a88991d93d32f9cd1bbbfa3c3629e471c7 (patch) | |
tree | 02ff1cc1239e1858afdfab098711b4b8bd621611 /lib | |
parent | 31345376406562e375516fdad5a1bcabf6b8dc27 (diff) | |
download | samba-5f7d82a88991d93d32f9cd1bbbfa3c3629e471c7.tar.gz |
util: Avoid localised underflow
Avoid parenthesising an unsigned subtraction that can be negative and,
therefore, underflow. There is no need for the parentheses and
removing them results in an expression that is evaluated left-to-right
and can not underflow.
It isn't clear that the underflow matters. lp <= ls, so if (li - lp)
underflows then ls + (li - lp) will always overflow. This should
produce the correct answer. However, depending on this seems wrong.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/util/substitute.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/util/substitute.c b/lib/util/substitute.c index 2249035f704..0ddab179588 100644 --- a/lib/util/substitute.c +++ b/lib/util/substitute.c @@ -65,10 +65,10 @@ static void string_sub2(char *s,const char *pattern, const char *insert, size_t len = ls + 1; /* len is number of *bytes* */ while (lp <= ls && (p = strstr_m(s,pattern))) { - if (ls + (li-lp) >= len) { + if (ls + li - lp >= len) { DEBUG(0,("ERROR: string overflow by " "%d in string_sub(%.50s, %d)\n", - (int)(ls + (li-lp) - len), + (int)(ls + li - lp - len), pattern, (int)len)); break; } @@ -105,7 +105,7 @@ static void string_sub2(char *s,const char *pattern, const char *insert, size_t } } s = p + li; - ls += (li-lp); + ls = ls + li - lp; if (replace_once) break; @@ -192,10 +192,10 @@ _PUBLIC_ void all_string_sub(char *s,const char *pattern,const char *insert, siz len = ls + 1; /* len is number of *bytes* */ while (lp <= ls && (p = strstr_m(s,pattern))) { - if (ls + (li-lp) >= len) { + if (ls + li - lp >= len) { DEBUG(0,("ERROR: string overflow by " "%d in all_string_sub(%.50s, %d)\n", - (int)(ls + (li-lp) - len), + (int)(ls + li - lp - len), pattern, (int)len)); break; } @@ -204,6 +204,6 @@ _PUBLIC_ void all_string_sub(char *s,const char *pattern,const char *insert, siz } memcpy(p, insert, li); s = p + li; - ls += (li-lp); + ls = ls + li - lp; } } |