From 33299ece737c635910e358d7e09dd8af6bce1a5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Magnus=20L=C3=A5ng?= Date: Wed, 2 Dec 2015 14:30:56 +0100 Subject: beam: Fix overflow bug in i_bs_add_jId The test whether the result would fit in a smallnum could overflow into a negative number that would fit a smallnum. A test that reproduces the issue was added to bs_construct_SUITE. --- erts/emulator/beam/beam_emu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'erts/emulator/beam/beam_emu.c') diff --git a/erts/emulator/beam/beam_emu.c b/erts/emulator/beam/beam_emu.c index 38def5d89f..73292885ce 100644 --- a/erts/emulator/beam/beam_emu.c +++ b/erts/emulator/beam/beam_emu.c @@ -4069,7 +4069,7 @@ do { \ tmp_arg1 += Arg1; store_bs_add_result: - if (MY_IS_SSMALL((Sint) tmp_arg1)) { + if (tmp_arg1 <= MAX_SMALL) { tmp_arg1 = make_small(tmp_arg1); } else { /* -- cgit v1.2.3