[PATCH] iniparser: prevent signed integer underflow in line length calculation

David Oberhollenzer david.oberhollenzer at sigma-star.at
Sun Apr 12 23:14:31 PDT 2026


Hi,

according to your description, this was found by static analysis? I'm
a little confused how it should be possible to trigger this bug:

On 1/27/26 1:56 PM, Anton Moryakov wrote:
>   
>       while (fgets(line+last, ASCIILINESZ-last, in)!=NULL) {
>           lineno++ ;
> -        len = (int)strlen(line)-1;
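
Review bot: the removed line `len = (int)strlen(line)-1;` does not underflow as the subject line claims, because the cast applies to the `strlen` result before the subtraction, so the arithmetic is done in `int` and an empty `line` gives -1. The `fgets` size argument `ASCIILINESZ-last` also keeps the string length far below `INT_MAX`, so the cast cannot truncate. The replacement is not visible in this quote; the commit message should name the concrete input the analyzer believes reaches this line with a bad value, or the change should be dropped if there is none.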

The return value of `strlen` is cast to an int, which AFAIK has
higher precedence than the following subtraction of 1 (also, by default,
an integer).

The variable `len` is declared as an `int` at the beginning of the
function, it is signed and *can* be negative, there is no underflow
here.

Directly after the code you inserted is this:

>           if (len<=0)
>               continue;

which should catch that exact case you are trying to fix, no?

Greetings,

David
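
An added example, not part of the thread or the iniparser source: it runs the quoted loop shape over constructed input to show that `(int)strlen(line)-1` yields -1 for a line that begins with a NUL byte and is skipped by `len<=0`, next to a hypothetical `size_t` variant that wraps. The value of `ASCIILINESZ`, the helper names and the omission of the `last` continuation offset are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define ASCIILINESZ 1024 /* assumed value; the thread does not give it */

/* Same expression as the removed line: cast first, then subtract in int. */
static int len_signed(const char *line) { return (int)strlen(line) - 1; }

/* Hypothetical contrast, not from the patch: subtraction in size_t wraps at 0. */
static size_t len_unsigned(const char *line) { return strlen(line) - 1; }

/* Feed raw bytes through the quoted fgets loop (with last == 0) and count
 * lines skipped by the len<=0 check versus lines that pass it.
 * Returns 0 on success, -1 if the temporary file cannot be used. */
static int scan(const char *data, size_t n, int *skipped, int *kept)
{
    char line[ASCIILINESZ + 1];
    FILE *in = tmpfile();

    if (in == NULL)
        return -1;
    if (fwrite(data, 1, n, in) != n) {
        fclose(in);
        return -1;
    }
    rewind(in);
    *skipped = *kept = 0;
    while (fgets(line, ASCIILINESZ, in) != NULL) {
        int len = len_signed(line);
        if (len <= 0) {          /* catches both "\n" (0) and "" (-1) */
            (*skipped)++;
            continue;
        }
        (*kept)++;
    }
    fclose(in);
    return 0;
}

int main(void)
{
    /* Constructed input: a normal line, a bare newline, a line starting with NUL. */
    static const char data[] = "key=value\n\n\0hidden\n";
    int skipped, kept;

    if (scan(data, sizeof data - 1, &skipped, &kept) != 0)
        return 1;
    printf("kept=%d skipped=%d\n", kept, skipped);
    printf("signed=%d unsigned=%zu\n", len_signed(""), len_unsigned(""));
    return 0;
}
```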



