From 513c2a10640683a211d8772a55b40925f7a9593b Mon Sep 17 00:00:00 2001 From: delphij Date: Thu, 3 Aug 2006 03:34:36 +0000 Subject: In DCE 1.1, the time_low value is defined as an unsigned 32-bit integer. Presently, our implementation employs an approach that converts the value to int64_t, then back to int, unfortunately, this approach can be problematic when the the difference between the two time_low is larger than 0x7fffffff, as the value is then truncated to int. To quote the test case from the original PR, the following is true with the current implementation: 865e1a56-b9d9-11d9-ba27-0003476f2e88 < 062ac45c-b9d9-11d9-ba27-0003476f2e88 However, according to the DCE specification, the expected result should be: 865e1a56-b9d9-11d9-ba27-0003476f2e88 > 062ac45c-b9d9-11d9-ba27-0003476f2e88 This commit adds a new intermediate variable which uses int64_t to store the result of subtraction between the two time_low values, which would not introduce different semantic of the MSB found in time_low value. PR: 83107 Submitted by: Steve Sears MFC After: 1 month --- lib/libc/uuid/uuid_compare.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'lib/libc/uuid') diff --git a/lib/libc/uuid/uuid_compare.c b/lib/libc/uuid/uuid_compare.c index f57a094..420f326 100644 --- a/lib/libc/uuid/uuid_compare.c +++ b/lib/libc/uuid/uuid_compare.c @@ -41,7 +41,8 @@ int32_t uuid_compare(const uuid_t *a, const uuid_t *b, uint32_t *status) { - int res; + int res; + int64_t res64; if (status != NULL) *status = uuid_s_ok; @@ -54,10 +55,19 @@ uuid_compare(const uuid_t *a, const uuid_t *b, uint32_t *status) if (b == NULL) return ((uuid_is_nil(a, NULL)) ? 0 : 1); - /* We have to compare the hard way. */ - res = (int)((int64_t)a->time_low - (int64_t)b->time_low); - if (res) - return ((res < 0) ? -1 : 1); + /* + * We have to compare the hard way. + * + * Note that time_low is defined as unsigned 32-bit + * integer, therefore, with a significantly large + * a->time_low and a small b->time_low, we will end + * up with a value which is larger than 0x7fffffff + * which is negative if casted to signed 32-bit + * integer. + */ + res64 = (int64_t)a->time_low - (int64_t)b->time_low; + if (res64) + return ((res64 < 0) ? -1 : 1); res = (int)a->time_mid - (int)b->time_mid; if (res) return ((res < 0) ? -1 : 1); -- cgit v1.1