fix twos complement overflow bug in mem streams boundary check

the expression -off is not safe in case off is the most-negative value. instead apply - to base which is known to be non-negative and bounded within sanity.

fix twos complement overflow bug in mem streams boundary check
the expression -off is not safe in case off is the most-negative value. instead apply - to base which is known to be non-negative and bounded within sanity.
32d67e93 · Rich Felker · d4fa6f0e · 32d67e93 · 32d67e93
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

src/stdio/open_memstream.c src/stdio/open_memstream.c +1 -1

src/stdio/open_wmemstream.c src/stdio/open_wmemstream.c +1 -1

未找到文件。
--- a/src/stdio/open_memstream.c
+++ b/src/stdio/open_memstream.c
@@ -28,7 +28,7 @@ static off_t ms_seek(FILE *f, off_t off, int whence)
 		errno = EINVAL;
 		return -1;
 	}
-	if (-off > base || off > SSIZE_MAX-base) goto fail;
+	if (off < -base || off > SSIZE_MAX-base) goto fail;
 	return c->pos = base+off;
 }


--- a/src/stdio/open_wmemstream.c
+++ b/src/stdio/open_wmemstream.c
@@ -29,7 +29,7 @@ static off_t wms_seek(FILE *f, off_t off, int whence)
 		errno = EINVAL;
 		return -1;
 	}
-	if (-off > base || off > SSIZE_MAX/4-base) goto fail;
+	if (off < -base || off > SSIZE_MAX/4-base) goto fail;
 	memset(&c->mbs, 0, sizeof c->mbs);
 	return c->pos = base+off;
 }