From: Ben Kaduk <kaduk@mit.edu>
Date: Wed, 17 Jul 2013 00:39:56 +0000 (-0400)
Subject: Check for over/underflow while allocating PTS ids
X-Git-Tag: upstream/1.8.0_pre1^2~1048
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=6c7c185ba3ec6fbdda0651d18868e66edd655809;p=packages%2Fo%2Fopenafs.git

Check for over/underflow while allocating PTS ids

The behavior of signed integer over/underflow is implementation-defined,
but even if the compiler is nice and just wraps around, we could get
ourselves into trouble later on.

Change-Id: I20ea9c790037a36b8527889b3f7adcfd60e74fd4
Reviewed-on: http://gerrit.openafs.org/10091
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
---

diff --git a/src/ptserver/utils.c b/src/ptserver/utils.c
index 60de04719..abc37c12c 100644
--- a/src/ptserver/utils.c
+++ b/src/ptserver/utils.c
@@ -340,7 +340,8 @@ AllocID(struct ubik_trans *at, afs_int32 flag, afs_int32 *aid)
 
     if (flag & PRGRP) {
 	*aid = ntohl(cheader.maxGroup);
-	while (code && i < maxcount) {
+	/* Check for PRBADID to avoid wrap-around. */
+	while (code && i < maxcount && *aid != PRBADID) {
 	    --(*aid);
 	    code = FindByID(at, *aid);
 	    i++;
@@ -372,7 +373,7 @@ AllocID(struct ubik_trans *at, afs_int32 flag, afs_int32 *aid)
 	return PRSUCCESS;
     } else {
 	*aid = ntohl(cheader.maxID);
-	while (code && i < maxcount) {
+	while (code && i < maxcount && *aid != 0x7fffffff) {
 	    ++(*aid);
 	    code = FindByID(at, *aid);
 	    i++;