commit 2291ab966d7f8fb4e2e4d55981213a9c6e339c2b
author Michal Vasko <mvasko@cesnet.cz> Mon Aug 08 08:53:12 2022 +0200
committer Michal Vasko <mvasko@cesnet.cz> Mon Aug 08 08:53:12 2022 +0200
tree edf4e39e521bc3735af499c29ef0030c2686eda8
parent eff68c40a7ad9af457814f2ed82a6ab76bf58357

xpath BUGFIX avoid unsigned overflow

src/xpath.c

diff --git a/src/xpath.c b/src/xpath.c
index 3c19230..e64adbe 100644
--- a/src/xpath.c
+++ b/src/xpath.c
@@ -381,16 +381,16 @@
  * @return LY_ERR
  */
 static LY_ERR
-cast_string_realloc(const struct ly_ctx *ctx, uint16_t needed, char **str, uint16_t *used, uint16_t *size)
+cast_string_realloc(const struct ly_ctx *ctx, uint32_t needed, char **str, uint16_t *used, uint16_t *size)
 {
-    if (*size - *used < needed) {
+    if (*size - (unsigned)*used < needed) {
         do {
             if ((UINT16_MAX - *size) < LYXP_STRING_CAST_SIZE_STEP) {
                 LOGERR(ctx, LY_EINVAL, "XPath string length limit (%u) reached.", UINT16_MAX);
                 return LY_EINVAL;
             }
             *size += LYXP_STRING_CAST_SIZE_STEP;
-        } while (*size - *used < needed);
+        } while (*size - (unsigned)*used < needed);
         *str = ly_realloc(*str, *size * sizeof(char));
         LY_CHECK_ERR_RET(!(*str), LOGMEM(ctx), LY_EMEM);
     }