libcli/security: use NUMERIC_CMP in dom_sid_compare_auth()

These numbers are all 8 bit, so overflow is unlikely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 4641a97151783c2ae825582e91b4676d66dcb713)

diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c
index 38f98f9f906b0ec3b5eff812bcedd8427e729593..737f4bb3a3543feeb82bb47fb372b0562032b108 100644 (file)
--- a/libcli/security/dom_sid.c
+++ b/libcli/security/dom_sid.c
@@ -47,11 +47,12 @@ int dom_sid_compare_auth(const struct dom_sid *sid1,
                return 1;
 
        if (sid1->sid_rev_num != sid2->sid_rev_num)
-               return sid1->sid_rev_num - sid2->sid_rev_num;
+               return NUMERIC_CMP(sid1->sid_rev_num, sid2->sid_rev_num);
 
        for (i = 0; i < 6; i++)
-               if (sid1->id_auth[i] != sid2->id_auth[i])
-                       return sid1->id_auth[i] - sid2->id_auth[i];
+               if (sid1->id_auth[i] != sid2->id_auth[i]) {
+                       return NUMERIC_CMP(sid1->id_auth[i], sid2->id_auth[i]);
+               }
 
        return 0;
 }