From 8a87abd37b9095146ca588c04e8e79f36a3337fb Mon Sep 17 00:00:00 2001
From: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
Date: Sat, 28 Feb 2026 23:53:01 +0300
Subject: [PATCH] Fix INTEGER_OVERFLOW in gen_tables.h

Use ssize_t instead of size_t for binary search index

Fix integer underflow in gen_tables.h by changing mid from size_t to
ssize_t in s2i__() and i2s_bsearch__(). This prevents mid - 1 from
wrapping to SIZE_MAX when mid is 0, which would break the binary search
loop termination condition.

Resolves Svace INTEGER_OVERFLOW warning (for audit-userspace v3.0.8):
  An integer underflow may occur due to arithmetic operation
  (unsigned subtraction) between variable 'mid' and value '1',
  when 'mid' is equal to '0' (CWE125, CWE190, CWE191)
  Location: gen_tables.h:90

Co-authored-by: Z.AI GLM-5
---
 lib/gen_tables.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/gen_tables.h b/lib/gen_tables.h
index 8262cfd68..7dd8ae595 100644
--- a/lib/gen_tables.h
+++ b/lib/gen_tables.h
@@ -36,7 +36,8 @@ inline static int s2i__(const char *strings, const unsigned *s_table,
 	ssize_t left = 0, right = n - 1;
 
 	while (left <= right) {	/* invariant: left <= x <= right */
-		size_t mid, off, i;
+		ssize_t mid;
+		size_t off, i;
 		const char *t;
 		int r;
 
@@ -87,7 +88,7 @@ inline static const char *i2s_bsearch__(const char *strings,
 	left = 0;
 	right = n - 1;
 	while (left <= right) {	/* invariant: left <= x <= right */
-		size_t mid;
+		ssize_t mid;
 		int mid_val;
 
 		mid = (left + right) / 2;