On 10 May 2013 13:05, Benjamin Kaduk <bjkf...@gmail.com> wrote:

> This check relies on signed integer overflow, which is undefined behavior.
> Furthermore, even if one assumes a non-evil compiler and two's complement
> representation, this check fails for pattlen == 10.
> 10**9 is representable as both a signed and unsigned 32-bit integer, but
> 10**10 overflows both variants and ends up in the positive side of the
> signed space.
>
> With a fixed number of bases to be exponentiated here (10 or 26), it would
> seem much simpler to do the logarithm manually out-of-band and just hardcode
> a check on sufflen (noting that maxfiles is of type long which can be either
> 32 or 64 bits).
...


Good point.  I did not look closely at this code and assumed it was
correct.  I shall fix it.

-- 
Eitan Adler
Source, Ports, Doc committer
Bugmeister, Ports Security teams
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
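
The two points in the quoted review, as an added example that is not part of this thread or of the FreeBSD source: a wrapped 32-bit `10**10` lands on a positive value, and the bound on `sufflen` can be found by dividing before each multiply so no overflow is ever evaluated. The helper names and the `limit` parameter (standing in for `LONG_MAX` at either width of `long`) are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* base**len as a wrapping 32-bit multiply would produce it. Done in
 * unsigned arithmetic, where wraparound is defined, so the demo has no UB. */
static uint32_t
wrapped_pow32(uint32_t base, size_t len)
{
	uint32_t n = 1;

	while (len-- > 0)
		n *= base;
	return (n);
}

/* Compute base**sufflen into *out, refusing rather than overflowing:
 * the bound is tested by division before each multiply. */
static bool
checked_pow(int64_t base, size_t sufflen, int64_t limit, int64_t *out)
{
	int64_t n = 1;

	if (base < 2 || limit < 1)
		return (false);
	for (size_t i = 0; i < sufflen; i++) {
		if (n > limit / base)	/* n * base would exceed limit */
			return (false);
		n *= base;
	}
	*out = n;
	return (true);
}

/* Largest sufflen whose base**sufflen fits under limit: the constant
 * one would hardcode after doing the logarithm out-of-band. */
static size_t
max_sufflen(int64_t base, int64_t limit)
{
	size_t len = 0;
	int64_t n;

	while (checked_pow(base, len + 1, limit, &n))
		len++;
	return (len);
}

int
main(void)
{
	printf("10**10 wrapped to 32 bits: %u\n", (unsigned)wrapped_pow32(10, 10));
	printf("32-bit long: base 10 -> %zu, base 26 -> %zu\n",
	    max_sufflen(10, INT32_MAX), max_sufflen(26, INT32_MAX));
	printf("64-bit long: base 10 -> %zu, base 26 -> %zu\n",
	    max_sufflen(10, INT64_MAX), max_sufflen(26, INT64_MAX));
	return (0);
}
```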