From a776c9fc72c5a95b16f8dfa34d5e6aa4e1bbf367 Mon Sep 17 00:00:00 2001
From: Arne Goedeke <el@laramies.com>
Date: Sat, 11 Jan 2014 19:56:21 -0500
Subject: [PATCH] type system: prevent signed integer overflow

---
 src/pike_types.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/pike_types.c b/src/pike_types.c
index 44a3b499e5..93bc5cde9e 100644
--- a/src/pike_types.c
+++ b/src/pike_types.c
@@ -2104,7 +2104,7 @@ void simple_describe_type(struct pike_type *s)
 #endif /* PIKE_DEBUG */
 	      min = CAR_TO_INT(char_type);
 	      max = CDR_TO_INT(char_type);
-	      if (!min && max && !(max & (max+1))) {
+	      if (!min && max && max != MAX_INT32 && !(max & (max+1))) {
 		int j = 0;
 		while (max) {
 		  max >>= 1;
@@ -2139,7 +2139,7 @@ void simple_describe_type(struct pike_type *s)
 #endif /* PIKE_DEBUG */
 	      min = CAR_TO_INT(s);
 	      max = CDR_TO_INT(s);
-	      if (!min && max && !(max & (max+1))) {
+	      if (!min && max && max != MAX_INT32 && !(max & (max+1))) {
 		int j = 0;
 		while (max) {
 		  max >>= 1;
@@ -2310,7 +2310,7 @@ static void low_describe_type(struct pike_type *t)
       INT32 max=CDR_TO_INT(t);
       my_strcat("int");
       
-      if (!min && max && !(max & (max+1))) {
+      if (!min && max && max != MAX_INT32 && !(max & (max+1))) {
 	int j = 0;
 	while (max) {
 	  max >>= 1;
@@ -2388,7 +2388,7 @@ static void low_describe_type(struct pike_type *t)
 	    } else {
 	      min = CAR_TO_INT(char_type);
 	      max = CDR_TO_INT(char_type);
-	      if (!min && max && !(max & (max+1))) {
+	      if (!min && max && max != MAX_INT32 && !(max & (max+1))) {
 		int j = 0;
 		while (max) {
 		  max >>= 1;
@@ -2419,7 +2419,7 @@ static void low_describe_type(struct pike_type *t)
 	  } else {
 	    min = CAR_TO_INT(t);
 	    max = CDR_TO_INT(t);
-	    if (!min && max && !(max & (max+1))) {
+	    if (!min && max && max != MAX_INT32 && !(max & (max+1))) {
 	      int j = 0;
 	      while (max) {
 		max >>= 1;
-- 
GitLab