On Tue, 09 Feb 2016 15:13:22 -0500, Michael McConville wrote:
> It looks like a few tools in base rely on two's complement integer
> overflow for the hashing algorithm in readhash(). Overflow can easily be
> observed using a manual check or a dynamic undefined behavior tool. This
> function is also present in rcs(1) and cvs(1). Some code locations of
> these overflows are:
>
> /usr/src/usr.bin/diff/diffreg.c:1196
> /usr/src/usr.bin/rcs/diff.c:1099
> /usr/src/usr.bin/cvs/diff_internals.c:1169
>
> This poses a bit of an issue because (at least in diff(1)) the value
> field of struct line is represented with an int and is used in many
> places. Changing the type of line.value to something unsigned could have
> unintended consequences.
Making those values unsigned int should be sufficient, but it is a fairly intrusive change.

 - todd
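As an added illustration (not code from the diff/rcs/cvs sources or from either poster), the hash below has the multiply-and-add shape the thread discusses but keeps its accumulator unsigned, and a second function performs the "manual check" for the signed variant without itself invoking undefined behaviour. MULT, the function names and the sample lines are assumptions for this example.

```c
#include <stdbool.h>
#include <stddef.h>

/*
 * Multiply-and-add line hash of the shape discussed in the thread:
 * sum = sum * MULT + byte over the bytes of one line.  MULT and the
 * sample input are assumptions for this example.  The accumulator is
 * unsigned, so wraparound modulo 2^32 is defined behaviour and the
 * result is identical on every conforming compiler.
 */
#define MULT 127u

static unsigned int
hash_line_unsigned(const char *line, size_t len)
{
	unsigned int sum = 1;
	size_t i;

	for (i = 0; i < len; i++)
		sum = sum * MULT + (unsigned char)line[i];
	return sum == 0 ? 1 : sum;	/* reserve 0 as a "no line" marker */
}

/*
 * The "manual check" mentioned in the thread: report whether running the
 * same loop in a plain int accumulator would overflow at any step.  The
 * GCC/clang overflow builtins compute each result as if in infinite
 * precision and only report whether it fits, so the check itself never
 * performs a signed overflow.
 */
static bool
signed_hash_would_overflow(const char *line, size_t len)
{
	int sum = 1, tmp;
	size_t i;

	for (i = 0; i < len; i++) {
		if (__builtin_mul_overflow(sum, (int)MULT, &tmp) ||
		    __builtin_add_overflow(tmp, (unsigned char)line[i], &sum))
			return true;
	}
	return false;
}
```

With MULT = 127 a four-byte line such as "abcd" still fits in an int, while any five-byte line already overflows it, which is why a 32-bit signed accumulator trips an undefined-behaviour sanitizer on almost every real input.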
