lib/limits.c: Check for overflow without invoking UB
authorAlejandro Colomar <alx@kernel.org>
Sat, 2 Sep 2023 13:43:24 +0000 (15:43 +0200)
committerIker Pedrosa <ikerpedrosam@gmail.com>
Mon, 4 Dec 2023 10:45:09 +0000 (11:45 +0100)
The multiplication was already invoking UB.  The test was flawed.
Use __builtin_mul_overflow() instead.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
lib/limits.c

index b3ea1784ec7b0602f63a093602c4a986fb4eb038..1da228ca69531c3b9822443489fa834bb3363688 100644 (file)
@@ -45,8 +45,10 @@ static int setrlimit_value (unsigned int resource,
                             const char *value,
                             unsigned int multiplier)
 {
-       struct rlimit rlim;
-       rlim_t limit;
+       char           *endptr;
+       long           l;
+       rlim_t         limit;
+       struct rlimit  rlim;
 
        /* The "-" is special, not belonging to a strange negative limit.
         * It is infinity, in a controlled way.
@@ -60,8 +62,7 @@ static int setrlimit_value (unsigned int resource,
                 * Also, we are limited to base 10 here (hex numbers will not
                 * work with the limit string parser as is anyway)
                 */
-               char *endptr;
-               long longlimit = strtol (value, &endptr, 10);
+               l = strtol(value, &endptr, 10);
 
                if (value == endptr) {
                        /* No argument at all. No-op.
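Review bot: The `strtol()` result is only guarded by the `value == endptr` test, so an out-of-range digit string is not rejected here. In that case strtol() returns LONG_MAX and sets errno to ERANGE, and depending on the multiplier the clamped value can pass the later overflow check and be applied as a very large limit instead of being treated as a parse error. Setting `errno = 0;` immediately before the call and handling `errno == ERANGE` the same way as the overflow branch would close that gap. The enclosing block starts before and ends after this hunk, so a check elsewhere cannot be ruled out, though none appears between the call and the multiplication.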
@@ -69,10 +70,7 @@ static int setrlimit_value (unsigned int resource,
                         */
                        return 0;
                }
-               longlimit *= multiplier;
-               limit = longlimit;
-               if (longlimit != limit)
-               {
+               if (__builtin_mul_overflow(l, multiplier, &limit)) {
                        /* FIXME: Again, silent error handling...
                         * Wouldn't screaming make more sense?
                         */
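Review bot: Because `limit` is an `rlim_t`, which POSIX defines as unsigned, `__builtin_mul_overflow(l, multiplier, &limit)` also reports a negative `l` as overflow. As far as I can tell the removed code instead converted a negative `longlimit` to a huge value that still passed the `longlimit != limit` test. That is the safer behaviour, but the commit message does not mention it; a comment at the check would record it, e.g. `/* Also rejects negative values: rlim_t is unsigned. */`. The builtin is a GCC/Clang extension, so whether a fallback is needed depends on the compilers the project supports, which the hunk does not show. The branch body, and with it what happens on the failure path the FIXME calls silent, continues past the end of the hunk.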