idtree: fix right shift of signed ints, crash on large ids on AIX

Right-shifting signed integers in undefined; indeed it seems that on
AIX with their compiler, doing a 30-bit shift on (INT_MAX-200) gives
0, not 1 as we might expect.

The obvious fix is to make id and oid unsigned: l (level count) is also
logically unsigned.

(Note: Samba doesn't generally get to ids > 1 billion, but ctdb does)

Reported-by: Chris Cowan <cc@us.ibm.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Autobuild-User: Rusty Russell <rusty@samba.org>
Autobuild-Date: Wed Oct  6 08:31:09 UTC 2010 on sn-devel-104

diff --git a/lib/util/idtree.c b/lib/util/idtree.c
index ef6d21fd2852d79d825a26bb5001b89baae60401..05c22958bf739359cc0c6f69962b067198bc27ab 100644 (file)
--- a/lib/util/idtree.c
+++ b/lib/util/idtree.c
@@ -105,7 +105,7 @@ static int sub_alloc(struct idr_context *idp, void *ptr, int *starting_id)
        int n, m, sh;
        struct idr_layer *p, *new;
        struct idr_layer *pa[MAX_LEVEL];
-       int l, id, oid;
+       unsigned int l, id, oid;
        uint32_t bm;
 
        memset(pa, 0, sizeof(pa));