From 6c7c185ba3ec6fbdda0651d18868e66edd655809 Mon Sep 17 00:00:00 2001
From: Ben Kaduk <kaduk@mit.edu>
Date: Tue, 16 Jul 2013 20:39:56 -0400
Subject: [PATCH] Check for over/underflow while allocating PTS ids

The behavior of signed integer over/underflow is implementation-defined,
but even if the compiler is nice and just wraps around, we could get
ourselves into trouble later on.

Change-Id: I20ea9c790037a36b8527889b3f7adcfd60e74fd4
Reviewed-on: http://gerrit.openafs.org/10091
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
---
 src/ptserver/utils.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ptserver/utils.c b/src/ptserver/utils.c
index 60de04719..abc37c12c 100644
--- a/src/ptserver/utils.c
+++ b/src/ptserver/utils.c
@@ -340,7 +340,8 @@ AllocID(struct ubik_trans *at, afs_int32 flag, afs_int32 *aid)
 
     if (flag & PRGRP) {
 	*aid = ntohl(cheader.maxGroup);
-	while (code && i < maxcount) {
+	/* Check for PRBADID to avoid wrap-around. */
+	while (code && i < maxcount && *aid != PRBADID) {
 	    --(*aid);
 	    code = FindByID(at, *aid);
 	    i++;
@@ -372,7 +373,7 @@ AllocID(struct ubik_trans *at, afs_int32 flag, afs_int32 *aid)
 	return PRSUCCESS;
     } else {
 	*aid = ntohl(cheader.maxID);
-	while (code && i < maxcount) {
+	while (code && i < maxcount && *aid != 0x7fffffff) {
 	    ++(*aid);
 	    code = FindByID(at, *aid);
 	    i++;
-- 
2.39.5