about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--stdlib/random_r.c9
2 files changed, 10 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 3399e567b8..83fa3089e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2018-03-20  Joseph Myers  <joseph@codesourcery.com>
+
+	[BZ #17343]
+	* stdlib/random_r.c (__random_r): Use unsigned arithmetic for
+	possibly overflowing computations.
+
 2018-03-20  Samuel Thibault  <samuel.thibault@ens-lyon.org>
 
 	* manual/errno.texi (EOWNERDEAD, ENOTRECOVERABLE): Remove errno
diff --git a/stdlib/random_r.c b/stdlib/random_r.c
index 4d2f0d472f..b47c65c6d7 100644
--- a/stdlib/random_r.c
+++ b/stdlib/random_r.c
@@ -361,8 +361,7 @@ __random_r (struct random_data *buf, int32_t *result)
 
   if (buf->rand_type == TYPE_0)
     {
-      int32_t val = state[0];
-      val = ((state[0] * 1103515245) + 12345) & 0x7fffffff;
+      int32_t val = ((state[0] * 1103515245U) + 12345U) & 0x7fffffff;
       state[0] = val;
       *result = val;
     }
@@ -371,11 +370,11 @@ __random_r (struct random_data *buf, int32_t *result)
       int32_t *fptr = buf->fptr;
       int32_t *rptr = buf->rptr;
       int32_t *end_ptr = buf->end_ptr;
-      int32_t val;
+      uint32_t val;
 
-      val = *fptr += *rptr;
+      val = *fptr += (uint32_t) *rptr;
       /* Chucking least random bit.  */
-      *result = (val >> 1) & 0x7fffffff;
+      *result = val >> 1;
       ++fptr;
       if (fptr >= end_ptr)
 	{
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-24 07:33:20 +0000