From a9b89327746b7c5fbe0cedd8aee992de6580ca8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
Date: Thu, 12 Jan 2023 00:49:35 +0000
Subject: c.h: avoid undefined behavior in SINT_MAX macro

The previous implementation relied on signed-integer overflow.
This is undefined behavior.

Instead use an implementation that only requires twos-complement
representation. This is what everybody uses anyways and it will be
required by C23.
---
 include/c.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/c.h b/include/c.h
index 0663774d2..eab6ff505 100644
--- a/include/c.h
+++ b/include/c.h
@@ -526,6 +526,6 @@ static inline void print_features(const char **features, const char *prefix)
 # define MAP_ANONYMOUS  (MAP_ANON)
 #endif
 
-#define SINT_MAX(t) (((size_t) 1 << (sizeof(t) * 8 - 1)) - 1)
+#define SINT_MAX(t) ((t)((~(t) 0) ^ (t) 1 << (sizeof(t) * 8 - 1)))
 
 #endif /* UTIL_LINUX_C_H */
-- 
cgit v1.2.1