From ed79eedb472a7e049973fcd76c33ec3e14c5b490 Mon Sep 17 00:00:00 2001
From: Sviatoslav Grebenchucov <m1r4gexx@gmail.com>
Date: Sun, 25 Aug 2019 15:11:16 +0300
Subject: [PATCH] sul_compare: prevent integer overflow bug

---
 lib/core-net/sorted-usec-list.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/lib/core-net/sorted-usec-list.c b/lib/core-net/sorted-usec-list.c
index c54780725..97480fb76 100644
--- a/lib/core-net/sorted-usec-list.c
+++ b/lib/core-net/sorted-usec-list.c
@@ -27,8 +27,20 @@
 static int
 sul_compare(const lws_dll2_t *d, const lws_dll2_t *i)
 {
-	return ((lws_sorted_usec_list_t *)d)->us -
-			((lws_sorted_usec_list_t *)i)->us;
+	lws_usec_t a = ((lws_sorted_usec_list_t *)d)->us;
+	lws_usec_t b = ((lws_sorted_usec_list_t *)i)->us;
+
+	/*
+	 * Simply returning (a - b) in an int
+	 * may lead to an integer overflow bug
+	 */
+
+	if (a > b)
+		return 1;
+	if (a < b)
+		return -1;
+
+	return 0;
 }
 
 int