In that code path, it's possible that idx == LONG_MAX+1. Casting that value
to a signed long is undefined behavior (since it overflows), which means
that the compiler can do bad things with that.
With this patch we will basically do the same operation, but over an
unsigned long, thus avoiding the undefined behavior of signed integers.
This patch prevents miscompilations by more aggressive compilers.
Nuno
-----Original Message-----
Hi!
Could you please explain this commit? idx is ulong, why this change
improves anything?
Commit: 91ce8041a3e85594e81466a528f8d55cdc164c1f
Author: Nuno Lopes <nlop...@php.net> Mon, 2 Jul 2012
01:31:40 -0400
Parents: be4053cea0462c9de5396641f4e4fa2f56f5a675
Branches: PHP-5.4
Link:
http://git.php.net/?p=php-src.git;a=commitdiff;h=91ce8041a3e85594e81466a528f8d55cdc164c1f
Log:
fix (signed) integer overflow (part of bug #52550
Bugs:
https://bugs.php.net/52550
Changed paths:
M Zend/zend_hash.h
Diff:
diff --git a/Zend/zend_hash.h b/Zend/zend_hash.h
index 84ca1de..5c3b1cd 100644
--- a/Zend/zend_hash.h
+++ b/Zend/zend_hash.h
@@ -330,7 +330,7 @@ END_EXTERN_C()
if (idx-1 > LONG_MAX) { /* overflow */ \
break; \
} \
- idx = (ulong)(-(long)idx); \
+ idx = -idx; \
} else if (idx > LONG_MAX) { /* overflow */ \
break; \
} \
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php