Hi, SimpleHash.
The function SH_START_ITERATE can trigger some overflow.
See:
typedef struct SH_ITERATOR
{
uint32 cur; /* current element */
uint32 end;
bool done; /* iterator exhausted? */
} SH_ITERATOR;
The cur field is uint32 size and currently can be stored a uint64,
which obviously does not fit.
Also, the current index is int, which is possibly insufficient
since items can be up to uint32.
Attached a fix.
best regards,
Ranier Vilela
avoid-overflow-with-simplehash-start-iterate.patch
Description: Binary data
