+2013-05-10 Andreas Jaeger <aj@suse.de>
+
+ [BZ #15448]
+ * sysdeps/unix/sysv/linux/bits/sched.h (__CPU_SET_S)
+ (__CPU_CLR_S, __CPU_ISSET_S): Avoid integer overflow.
+
2013-05-10 Joseph Myers <joseph@codesourcery.com>
* math/gen-libm-test.pl (adjust_arg): New function.
15055, 15062, 15078, 15084, 15085, 15086, 15160, 15214, 15221, 15232,
15234, 15283, 15285, 15287, 15304, 15305, 15307, 15309, 15327, 15330,
15335, 15336, 15337, 15342, 15346, 15359, 15361, 15366, 15380, 15394,
- 15395, 15405, 15406, 15409, 15416, 15418, 15419, 15423, 15426, 15429.
+ 15395, 15405, 15406, 15409, 15416, 15418, 15419, 15423, 15426, 15429,
+ 15448.
* CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla
#15078).
# define __CPU_SET_S(cpu, setsize, cpusetp) \
(__extension__ \
({ size_t __cpu = (cpu); \
- __cpu < 8 * (setsize) \
+ __cpu / 8 < (setsize) \
? (((__cpu_mask *) ((cpusetp)->__bits))[__CPUELT (__cpu)] \
|= __CPUMASK (__cpu)) \
: 0; }))
# define __CPU_CLR_S(cpu, setsize, cpusetp) \
(__extension__ \
({ size_t __cpu = (cpu); \
- __cpu < 8 * (setsize) \
+ __cpu / 8 < (setsize) \
? (((__cpu_mask *) ((cpusetp)->__bits))[__CPUELT (__cpu)] \
&= ~__CPUMASK (__cpu)) \
: 0; }))
# define __CPU_ISSET_S(cpu, setsize, cpusetp) \
(__extension__ \
({ size_t __cpu = (cpu); \
- __cpu < 8 * (setsize) \
+ __cpu / 8 < (setsize) \
? ((((const __cpu_mask *) ((cpusetp)->__bits))[__CPUELT (__cpu)] \
& __CPUMASK (__cpu))) != 0 \
: 0; }))