idtree: fix right shift of signed ints, crash on large ids on AIX

Right-shifting signed integers in undefined; indeed it seems that on
AIX with their compiler, doing a 30-bit shift on (INT_MAX-200) gives
0, not 1 as we might expect.

The obvious fix is to make id and oid unsigned: l (level count) is also
logically unsigned.

(Note: Samba doesn't generally get to ids > 1 billion, but ctdb does)

Reported-by: Chris Cowan <cc@us.ibm.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@samba.org>
Autobuild-Date: Wed Oct  6 08:31:09 UTC 2010 on sn-devel-104
(cherry picked from commit 2db1987f5a3a4268ce64fe570ff598e3bf4ecc73)

diff --git a/lib/util/idtree.c b/lib/util/idtree.c
index 06544e1444b85bb4c5f3c54c47144eb9e19022eb..bb6eaf068c469f99513a9c0aa334190b09c267a7 100644 (file)
--- a/lib/util/idtree.c
+++ b/lib/util/idtree.c
@@ -105,7 +105,7 @@ static int sub_alloc(struct idr_context *idp, void *ptr, int *starting_id)
        int n, m, sh;
        struct idr_layer *p, *new;
        struct idr_layer *pa[MAX_LEVEL];
-       int l, id, oid;
+       unsigned int l, id, oid;
        uint32_t bm;
 
        memset(pa, 0, sizeof(pa));