From f5f4b20d1becc2dabb40aa022387eaa41ae84e15 Mon Sep 17 00:00:00 2001
From: "Raphael S. Carvalho" <raphaelsc@cloudius-systems.com>
Date: Mon, 30 Mar 2015 16:24:23 -0300
Subject: [PATCH] sstables: improve check_truncate_and_assign()

 +    if (from >= std::numeric_limits<T>::max()) {
Avi explains an issue with the snippet above from the function:
This misses the case where either type is signed. At best you'd
get a compiler warning about comparing types with different
signedness, at worst a negative value can be truncated.

Signed-off-by: Raphael S. Carvalho <raphaelsc@cloudius-systems.com>
---
 sstables/sstables.cc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/sstables/sstables.cc b/sstables/sstables.cc
index d2e7a839f7..eeb6194cb2 100644
--- a/sstables/sstables.cc
+++ b/sstables/sstables.cc
@@ -130,10 +130,10 @@ static void check_buf_size(temporary_buffer<char>& buf, size_t expected) {
 template <typename T, typename U>
 static void check_truncate_and_assign(T& to, const U from) {
     static_assert(std::is_integral<T>::value && std::is_integral<U>::value, "T and U must be integral");
-    if (from >= std::numeric_limits<T>::max()) {
-        throw std::overflow_error("assigning U to T would cause an overflow");
-    }
     to = from;
+    if (to != from) {
+        throw std::overflow_error("assigning U to T caused an overflow");
+    }
 }
 
 // Base parser, parses an integer type