uid-range: add asserts to document overflow safety in coalesce

Coverity flags the x->start + x->nr and y->start + y->nr additions
as potential overflows. These are safe because uid_range_add_internal()
validates start + nr <= UINT32_MAX before inserting entries. Add asserts
to document this invariant for static analyzers.

CID#1548015

Follow-up for 8530dc4467691a893aa2e07319b18a84fec96cad

diff --git a/src/basic/uid-range.c b/src/basic/uid-range.c
index 31305952ba43cf564e319ccc0124d46751fef20b..628710a8709bcc7272ffc697a113d03d3d35ba48 100644 (file)
--- a/src/basic/uid-range.c
+++ b/src/basic/uid-range.c
@@ -63,6 +63,10 @@ static void uid_range_coalesce(UIDRange *range) {
                                 break;
 
                         begin = MIN(x->start, y->start);
+
+                        /* Silence static analyzers, overflow is prevented by uid_range_add_internal() */
+                        assert(x->start <= UINT32_MAX - x->nr);
+                        assert(y->start <= UINT32_MAX - y->nr);
                         end = MAX(x->start + x->nr, y->start + y->nr);
 
                         x->start = begin;