From b0f3df16a495745cf16657a48dde6845ec85c732 Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Tue, 25 Mar 2025 11:43:03 -0300 Subject: Addition in math.random can overflow To avoid complains from some tools, the addition when computing math.random(n,m), which is computed as n + random(0, m - n), should use unsigned integers. --- lmathlib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lmathlib.c') diff --git a/lmathlib.c b/lmathlib.c index c7418e69..a0981772 100644 --- a/lmathlib.c +++ b/lmathlib.c @@ -593,8 +593,8 @@ static int math_random (lua_State *L) { /* random integer in the interval [low, up] */ luaL_argcheck(L, low <= up, 1, "interval is empty"); /* project random integer into the interval [0, up - low] */ - p = project(I2UInt(rv), (lua_Unsigned)up - (lua_Unsigned)low, state); - lua_pushinteger(L, l_castU2S(p) + low); + p = project(I2UInt(rv), l_castS2U(up) - l_castS2U(low), state); + lua_pushinteger(L, l_castU2S(p + l_castS2U(low))); return 1; } -- cgit v1.2.3-55-g6feb