Skip to content

apk_defines: use unsigned operand in BIT

nina requested to merge q66/apk-tools:bit-ub into master

This fixes undefined behavior at least in database, where BIT is used with 31 (as APK_MAX_REPOS is 32) which is not representable with a signed integer.

The specific instance is in https://gitlab.alpinelinux.org/alpine/apk-tools/-/blob/790a62e9f36e82b753c3c115267516a88d48ed82/src/database.c#L2262, but there could be others.

Merge request reports

Loading