luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2025-02-25 19:52:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

garray: Rewrite binary search calculation to avoid integer overflow

Browse Source 
If `right` and `left` are both near `G_MAXUINT`, it’s possible for the
addition to overflow, even if the eventual result would fit in a
`guint`. Avoid that by operating on the difference instead.

The difference is guaranteed to be positive due to the prior `left <=
right` check.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
This commit is contained in:
Philip Withnall 2019-07-16 11:35:18 +01:00
parent bc0fcddc18
commit ec61daf503
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
glib/garray.c
View File

@ -845,7 +845,7 @@ g_array_binary_search (GArray *array,
while (left <= right)
{
middle = (left + right) / 2;
middle = left + (right - left) / 2;
val = compare_func (_array->data + (_array->elt_size * middle), target);
if (val < 0)