patch 9.0.2113: Coverity warns for another overflow in shift_line()

Problem:  Coverity warns for another overflow in shift_line()
Solution: Test for INT_MAX after the if condition, cast integer values
          to (long long) before multiplying.

Signed-off-by: Christian Brabandt <cb@256bit.org>
Signed-off-by: Michael Henry <vim@drmikehenry.com>
Signed-off-by: Ernie Rael <errael@raelity.com>

diff --git a/src/ops.c b/src/ops.c
index ecd7fc2170c58bf958eeabe3b896d09d6136c6b4..9e8ea86160c30d781cadea33e1f3df80357bda52 100644 (file)
--- a/src/ops.c
+++ b/src/ops.c
@@ -249,25 +249,23 @@ shift_line(
        }
        else
            i += amount;
-       count = i * sw_val;
+       count = (long long)i * (long long)sw_val;
     }
     else               // original vi indent
     {
        if (left)
        {
-           count -= sw_val * amount;
+           count -= (long long)sw_val * (long long)amount;
            if (count < 0)
                count = 0;
        }
        else
-       {
-           if ((long long)sw_val * (long long)amount > INT_MAX - count)
-               count = INT_MAX;
-           else
-               count += (long long)sw_val * (long long)amount;
-       }
+           count += (long long)sw_val * (long long)amount;
     }
 
+    if (count > INT_MAX)
+       count = INT_MAX;
+
     // Set new indent
     if (State & VREPLACE_FLAG)
        change_indent(INDENT_SET, (int)count, FALSE, NUL, call_changed_bytes);

diff --git a/src/version.c b/src/version.c
index 249cd11d208b80ad1fcfa5924dc66a631ee7530b..00b532075cac7060eb6cc097bd207dba3d1ed97c 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -704,6 +704,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    2113,
 /**/
     2112,
 /**/