From: Thomas Weißschuh <thomas@t-8ch.de>
Date: Thu, 12 Jan 2023 00:49:35 +0000 (+0000)
Subject: c.h: avoid undefined behavior in SINT_MAX macro
X-Git-Tag: v2.39-rc1~166^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a9b89327746b7c5fbe0cedd8aee992de6580ca8a;p=thirdparty%2Futil-linux.git

c.h: avoid undefined behavior in SINT_MAX macro

The previous implementation relied on signed-integer overflow.
This is undefined behavior.

Instead use an implementation that only requires twos-complement
representation. This is what everybody uses anyways and it will be
required by C23.
---

diff --git a/include/c.h b/include/c.h
index 0663774d22..eab6ff5054 100644
--- a/include/c.h
+++ b/include/c.h
@@ -526,6 +526,6 @@ static inline void print_features(const char **features, const char *prefix)
 # define MAP_ANONYMOUS  (MAP_ANON)
 #endif
 
-#define SINT_MAX(t) (((size_t) 1 << (sizeof(t) * 8 - 1)) - 1)
+#define SINT_MAX(t) ((t)((~(t) 0) ^ (t) 1 << (sizeof(t) * 8 - 1)))
 
 #endif /* UTIL_LINUX_C_H */