Mercurial > gnulib

--- a/ChangeLog	Thu Mar 14 08:31:54 2019 +0100
+++ b/ChangeLog	Sat Mar 16 17:16:48 2019 +0100
@@ -1,3 +1,13 @@
+2019-03-16  Akim Demaille  <akim@lrde.epita.fr>
+
+	bitset: fix overflows.
+	Reported by Bruno Haible.
+	https://lists.gnu.org/archive/html/bug-gnulib/2019-03/msg00017.html
+	* lib/bitset/table.c (tbitset_test): last_bit is the position of
+	the bit in the array of bitset_word, so be sure to take its modulo
+	number-of-bits-in-bitset-word (i.e., EBITSET_ELT_WORDS).
+	* lib/bitset/list.c (lbitset_unused_clear): Likewise.
+
 2019-03-14  Akim Demaille  <akim@lrde.epita.fr>

 	bitset: style changes.
--- a/lib/bitset/list.c	Thu Mar 14 08:31:54 2019 +0100
+++ b/lib/bitset/list.c	Sat Mar 16 17:16:48 2019 +0100
@@ -859,7 +859,8 @@
       bitset_word *srcp = elt->words;
       bitset_windex windex = n_bits / BITSET_WORD_BITS;

-      srcp[windex - elt->index] &= ((bitset_word) 1 << last_bit) - 1;
+      srcp[windex - elt->index]
+        &= ((bitset_word) 1 << (last_bit % BITSET_WORD_BITS)) - 1;
       windex++;

       for (; (windex - elt->index) < LBITSET_ELT_WORDS; windex++)
--- a/lib/bitset/table.c	Thu Mar 14 08:31:54 2019 +0100
+++ b/lib/bitset/table.c	Sat Mar 16 17:16:48 2019 +0100
@@ -778,7 +778,8 @@
           bitset_windex windex = n_bits / BITSET_WORD_BITS;
           bitset_windex woffset = eindex * EBITSET_ELT_WORDS;

-          srcp[windex - woffset] &= ((bitset_word) 1 << last_bit) - 1;
+          srcp[windex - woffset]
+            &= ((bitset_word) 1 << (last_bit % BITSET_WORD_BITS)) - 1;
           windex++;
           for (; (windex - woffset) < EBITSET_ELT_WORDS; windex++)
             srcp[windex - woffset] = 0;