From: Martin Schwenke <martin@meltin.net>
Date: Mon, 1 Jul 2019 11:28:43 +0000 (+1000)
Subject: util: Avoid localised underflow
X-Git-Tag: samba-4.11.0rc1~76
X-Git-Url: http://git.samba.org/?a=commitdiff_plain;h=5f7d82a88991d93d32f9cd1bbbfa3c3629e471c7;p=samba.git

util: Avoid localised underflow

Avoid parenthesising an unsigned subtraction that can be negative and,
therefore, underflow.  There is no need for the parentheses and
removing them results in an expression that is evaluated left-to-right
and can not underflow.

It isn't clear that the underflow matters.  lp <= ls, so if (li - lp)
underflows then ls + (li - lp) will always overflow.  This should
produce the correct answer.  However, depending on this seems wrong.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---

diff --git a/lib/util/substitute.c b/lib/util/substitute.c
index 2249035f704..0ddab179588 100644
--- a/lib/util/substitute.c
+++ b/lib/util/substitute.c
@@ -65,10 +65,10 @@ static void string_sub2(char *s,const char *pattern, const char *insert, size_t
 		len = ls + 1; /* len is number of *bytes* */
 
 	while (lp <= ls && (p = strstr_m(s,pattern))) {
-		if (ls + (li-lp) >= len) {
+		if (ls + li - lp >= len) {
 			DEBUG(0,("ERROR: string overflow by "
 				"%d in string_sub(%.50s, %d)\n",
-				 (int)(ls + (li-lp) - len),
+				 (int)(ls + li - lp - len),
 				 pattern, (int)len));
 			break;
 		}
@@ -105,7 +105,7 @@ static void string_sub2(char *s,const char *pattern, const char *insert, size_t
 			}
 		}
 		s = p + li;
-		ls += (li-lp);
+		ls = ls + li - lp;
 
 		if (replace_once)
 			break;
@@ -192,10 +192,10 @@ _PUBLIC_ void all_string_sub(char *s,const char *pattern,const char *insert, siz
 		len = ls + 1; /* len is number of *bytes* */
 
 	while (lp <= ls && (p = strstr_m(s,pattern))) {
-		if (ls + (li-lp) >= len) {
+		if (ls + li - lp >= len) {
 			DEBUG(0,("ERROR: string overflow by "
 				"%d in all_string_sub(%.50s, %d)\n",
-				 (int)(ls + (li-lp) - len),
+				 (int)(ls + li - lp - len),
 				 pattern, (int)len));
 			break;
 		}
@@ -204,6 +204,6 @@ _PUBLIC_ void all_string_sub(char *s,const char *pattern,const char *insert, siz
 		}
 		memcpy(p, insert, li);
 		s = p + li;
-		ls += (li-lp);
+		ls = ls + li - lp;
 	}
 }