Fix intset midpoint selection

The classic (min+max)/2 is provably unsafe. Fixed as recommended in research: http://googleresearch.blogspot.com/2006/06/extra-extra-read-all-about-it-nearly.html Fix inspired by @wjin, but I used a different approach. (later, I found @kuebler fixed the same issue too). Fixes #1741, #1602
redis · Aug 2, 2014 · 4aa3300 · 4aa3300
1 parent 46f90e4
commit 4aa3300
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/intset.c b/src/intset.c
@@ -133,7 +133,7 @@ static uint8_t intsetSearch(intset *is, int64_t value, uint32_t *pos) {
     }
 
     while(max >= min) {
-        mid = (min+max)/2;
+        mid = ((unsigned int)min + (unsigned int)max) >> 1;
         cur = _intsetGet(is,mid);
         if (value > cur) {
             min = mid+1;