From 06fa5817489adb9728f8a29d4cb7602fb48b8bdb Mon Sep 17 00:00:00 2001
From: Yuriy M. Kaminskiy
Date: Sat, 27 Feb 2016 19:27:29 +0300
Subject: misc: safer (and uniform) handling of return value

When `rc` is `INT_MAX`, `rc + 1` result in signed integer overflow.

Signed-off-by: Karel Zak <kzak@redhat.com>
---
 sys-utils/lscpu.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'sys-utils/lscpu.c')

diff --git a/sys-utils/lscpu.c b/sys-utils/lscpu.c
index 318249fe0..fc327623b 100644
--- a/sys-utils/lscpu.c
+++ b/sys-utils/lscpu.c
@@ -1273,12 +1273,14 @@ get_cell_data(struct lscpu_desc *desc, int idx, int col,
 			if (cpuset_ary_isset(cpu, ca->sharedmaps,
 					     ca->nsharedmaps, setsize, &i) == 0) {
 				int x = snprintf(p, sz, "%zu", i);
-				if (x <= 0 || (size_t) x + 2 >= sz)
+				if (x < 0 || (size_t) x >= sz)
 					return NULL;
 				p += x;
 				sz -= x;
 			}
 			if (j != 0) {
+				if (sz < 2)
+					return NULL;
 				*p++ = mod->compat ? ',' : ':';
 				*p = '\0';
 				sz--;
@@ -1346,11 +1348,13 @@ get_cell_header(struct lscpu_desc *desc, int col,
 
 		for (i = desc->ncaches - 1; i >= 0; i--) {
 			int x = snprintf(p, sz, "%s", desc->caches[i].name);
-			if (x <= 0 || (size_t) x + 2 > sz)
+			if (x < 0 || (size_t) x >= sz)
 				return NULL;
 			sz -= x;
 			p += x;
 			if (i > 0) {
+				if (sz < 2)
+					return NULL;
 				*p++ = mod->compat ? ',' : ':';
 				*p = '\0';
 				sz--;
-- 
cgit v1.2.3-55-g7522