From patchwork Wed Apr 29 14:46:27 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [STABLE?] parsers: avoid signed integer overflow in calculation of
 leaf-node index
From: Yuya Nishihara <yuya@tcha.org>
X-Patchwork-Id: 8816
Message-Id: <86a1b0c138484c57501d.1430318787@mimosa>
To: mercurial-devel@selenic.com
Date: Wed, 29 Apr 2015 23:46:27 +0900

# HG changeset patch
# User Yuya Nishihara <yuya@tcha.org>
# Date 1430316454 -32400
#      Wed Apr 29 23:07:34 2015 +0900
# Branch stable
# Node ID 86a1b0c138484c57501d436efc803c8ad4972928
# Parent  73b0e11a9cb8fea9b4f0a4ce4267409e8f2054cd
parsers: avoid signed integer overflow in calculation of leaf-node index

If v = -INT_MAX - 1, -v would exceed INT_MAX. I don't think this would cause
problems such as issue4627, but we can't blame it as a compiler bug because
signed integer overflow is undefined in C.

diff --git a/mercurial/parsers.c b/mercurial/parsers.c
--- a/mercurial/parsers.c
+++ b/mercurial/parsers.c
@@ -1312,7 +1312,7 @@ static int nt_find(indexObject *self, co
 			const char *n;
 			Py_ssize_t i;
 
-			v = -v - 1;
+			v = -(v + 1);
 			n = index_node(self, v);
 			if (n == NULL)
 				return -2;
@@ -1368,7 +1368,7 @@ static int nt_insert(indexObject *self, 
 			return 0;
 		}
 		if (v < 0) {
-			const char *oldnode = index_node(self, -v - 1);
+			const char *oldnode = index_node(self, -(v + 1));
 			int noff;
 
 			if (!oldnode || !memcmp(oldnode, node, 20)) {