From 301551ae8e8f54fd66867c9411fcc17b2f02be7d Mon Sep 17 00:00:00 2001 From: Nico Weber Date: Fri, 26 Feb 2021 11:14:26 -0500 Subject: [PATCH] [PDB] Fix unsigned integer overflow When building with -fsanitize=unsigned-integer-overflow, this code causes a diagnostic like: ../../llvm/lib/DebugInfo/PDB/Native/GSIStreamBuilder.cpp:159:15: runtime error: unsigned integer overflow: 90 - 229 cannot be represented in type 'unsigned long' unsigned integer overflow is well defined and it isn't an issue in practice, but in obscure scenarios (S1.size() small, S2.size over 2GB on 32-bit systems) it could even be a bug. So use the usual idiom for implementing cmp functions instead of the gernally considered buggy idiom :) See e.g. https://www.gnu.org/software/libc/manual/html_node/Comparison-Functions.html or https://stackoverflow.com/questions/10996418/efficient-integer-compare-function/10997428#10997428 Differential Revision: https://reviews.llvm.org/D97557
---
 llvm/lib/DebugInfo/PDB/Native/GSIStreamBuilder.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/llvm/lib/DebugInfo/PDB/Native/GSIStreamBuilder.cpp b/llvm/lib/DebugInfo/PDB/Native/GSIStreamBuilder.cpp
index 52df26b..ae91698 100644
--- a/llvm/lib/DebugInfo/PDB/Native/GSIStreamBuilder.cpp
+++ b/llvm/lib/DebugInfo/PDB/Native/GSIStreamBuilder.cpp
@@ -156,7 +156,7 @@ static int gsiRecordCmp(StringRef S1, StringRef S2) {
 size_t RS = S2.size();
 // Shorter strings always compare less than longer strings.
 if (LS != RS)
- return LS - RS;
+ return (LS > RS) - (LS < RS);
 // If either string contains non ascii characters, memcmp them.
 if (LLVM_UNLIKELY(!isAsciiString(S1) || !isAsciiString(S2)))
-- 2.7.4
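Review bot: The new `return (LS > RS) - (LS < RS);` has no comment explaining why it is not a plain subtraction, so a later cleanup could easily turn it back into `LS - RS`. A line above the return such as `// Three-way compare: a size_t difference wraps and is then narrowed to int, so its sign cannot be trusted.` would record the reason in the code. The narrowing to the function's `int` return type is presumably not limited to 32-bit hosts; on a 64-bit build a length difference of 2^31 or more would also be expected to produce the wrong sign. If this comparator is used for ordering records (the callers are not visible here), an inconsistent result is worth ruling out with a small regression test, which the patch does not include. gsiRecordCmp starts before and continues past this hunk.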