libcli/security: use NUMERIC_CMP in dom_sid_compare_auth()

These numbers are all 8 bit, so overflow is unlikely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index 82816071a7a4a783c2abbe994a11194e82f2ee47..21012b70884c23253286037a914c78894f5e6377 100644 (file)
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -47,11 +47,12 @@ int dom_sid_compare_auth(const struct dom_sid *sid1,
                return 1;
 
        if (sid1->sid_rev_num != sid2->sid_rev_num)
-               return sid1->sid_rev_num - sid2->sid_rev_num;
+               return NUMERIC_CMP(sid1->sid_rev_num, sid2->sid_rev_num);
 
        for (i = 0; i < 6; i++)
-               if (sid1->id_auth[i] != sid2->id_auth[i])
-                       return sid1->id_auth[i] - sid2->id_auth[i];
+               if (sid1->id_auth[i] != sid2->id_auth[i]) {
+                       return NUMERIC_CMP(sid1->id_auth[i], sid2->id_auth[i]);
+               }
 
        return 0;
 }