summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorXi Wang <xi@mit.edu>2013-02-20 12:45:45 -0500
committerBernhard Reutner-Fischer <rep.dot.nop@gmail.com>2013-02-20 19:12:51 +0100
commit79cd5fb435d910233b1eb03c93c6ae05908ab42b (patch)
tree3e29124e9dec22cc00fa5fd4a02524a723fb8e52
parent3d791bda2e68136e5cfc52b5386e0db805b5d3ba (diff)
nice: fix overflow checking in int_add_no_wrap()
In C, signed integer overflow is undefined behavior. Many compilers optimize away checks like `a + b < a'. Use safe precondition testing instead. Signed-off-by: Xi Wang <xi@mit.edu> Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
-rw-r--r--libc/sysdeps/linux/common/nice.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/libc/sysdeps/linux/common/nice.c b/libc/sysdeps/linux/common/nice.c
index 3694db882..ed399460f 100644
--- a/libc/sysdeps/linux/common/nice.c
+++ b/libc/sysdeps/linux/common/nice.c
@@ -25,15 +25,15 @@ static __inline__ _syscall1(int, __syscall_nice, int, incr)
static __inline__ int int_add_no_wrap(int a, int b)
{
- int s = a + b;
-
if (b < 0) {
- if (s > a) s = INT_MIN;
+ if (a < INT_MIN - b)
+ return INT_MIN;
} else {
- if (s < a) s = INT_MAX;
+ if (a > INT_MAX - b)
+ return INT_MAX;
}
- return s;
+ return a + b;
}
static __inline__ int __syscall_nice(int incr)