protocol/ArgParser: fix integer overflow in parse_range()

Casting std::numeric_limits<unsigned>::max() to "long" leads to an overflow if sizeof(unsigned)==sizeof(long), and the result will be -1. This happens on some 32 bit architectures, for example ARM and WIN32. Workaround: use std::numeric_limits<int>::max(), which is the largest signed integer. Since sizeof(long)>=sizeof(int), this will never overflow. Fixes Mantis ticket 0004080.

protocol/ArgParser: fix integer overflow in parse_range()
421c4ae9 · Max Kellermann · 4907f610 · 421c4ae9 · 421c4ae9
Commit 421c4ae9 authored Sep 04, 2014 by Max Kellermann
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 2 deletions

NEWS NEWS +2 -0

ArgParser.cxx src/protocol/ArgParser.cxx +2 -2

No files found.
--- a/NEWS
+++ b/NEWS
 ver 0.18.14 (not yet released)
+* protocol
+  - fix range parser bug on certain 32 bit architectures

 ver 0.18.13 (2014/08/31)
 * protocol

--- a/src/protocol/ArgParser.cxx
+++ b/src/protocol/ArgParser.cxx
@@ -81,7 +81,7 @@ check_range(Client &client, unsigned *value_r1, unsigned *value_r2,
 		/* compatibility with older MPD versions: specifying
 		   "-1" makes MPD display the whole list */
 		*value_r1 = 0;
-		*value_r2 = std::numeric_limits<unsigned>::max();
+		*value_r2 = std::numeric_limits<int>::max();
 		return true;
 	}

@@ -108,7 +108,7 @@ check_range(Client &client, unsigned *value_r1, unsigned *value_r2,
 		}

 		if (test == test2)
-			value = std::numeric_limits<unsigned>::max();
+			value = std::numeric_limits<int>::max();

 		if (value < 0) {
 			command_error(client, ACK_ERROR_ARG,