Hi. The port function *bsearch_arg* mimics the C function *bsearch*.
The API signature is: void * bsearch_arg(const void *key, const void *base0, size_t nmemb, size_t size, int (*compar) (const void *, const void *, void *), void *arg) So, the parameter *nmemb* is size_t. Therefore, a call with nmemb greater than INT_MAX is possible. Internally the code uses the *int* type to iterate through the number of members, which makes overflow possible. Trivial fix attached. best regards, Ranier Vilela
avoid-possible-overflow-bsearch_arg.patch
Description: Binary data
