From 16942c6fdaddb819b71b72e53aa4aa691e3c0053 Mon Sep 17 00:00:00 2001
From: Edward Thomson <ethomson@microsoft.com>
Date: Thu, 12 Feb 2015 17:36:48 -0500
Subject: [PATCH] integer overflow: use compiler intrinsics if supported

gcc and clang support __builtin_add_overflow, use it whenever
possible, falling back to our naive routines.
---
 src/common.h  |  5 +++++
 src/integer.h | 15 +++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/src/common.h b/src/common.h
index 8d1e89064..98109ae3a 100644
--- a/src/common.h
+++ b/src/common.h
@@ -17,6 +17,11 @@
 # define GIT_INLINE(type) static inline type
 #endif
 
+/** Support for gcc/clang __has_builtin intrinsic */
+#ifndef __has_builtin
+# define __has_builtin(x) 0
+#endif
+
 #include <assert.h>
 #include <errno.h>
 #include <limits.h>
diff --git a/src/integer.h b/src/integer.h
index a4abe2bd1..8e86a48a5 100644
--- a/src/integer.h
+++ b/src/integer.h
@@ -54,6 +54,19 @@ GIT_INLINE(bool) git__add_uint64_overflow(uint64_t *out, uint64_t one, uint64_t
 	return false;
 }
 
+/* Use clang/gcc compiler intrinsics whenever possible */
+#if (SIZE_MAX == UINT_MAX) && __has_builtin(__builtin_uadd_overflow)
+# define git__add_sizet_overflow(out, one, two) \
+	__builtin_uadd_overflow(one, two, out)
+# define git__multiply_sizet_overflow(out, one, two)
+	__builtin_umul_overflow(one, two, out)
+#elif (SIZE_MAX == ULONG_MAX) && __has_builtin(__builtin_uaddl_overflow)
+# define git__add_sizet_overflow(out, one, two) \
+	__builtin_uaddl_overflow(one, two, out)
+# define git__multiply_sizet_overflow(out, one, two) \
+	__builtin_umull_overflow(one, two, out)
+#else
+
 /**
  * Sets `one + two` into `out`, unless the arithmetic would overflow.
  * @return true if the result fits in a `size_t`, false on overflow.
@@ -78,4 +91,6 @@ GIT_INLINE(bool) git__multiply_sizet_overflow(size_t *out, size_t one, size_t tw
 	return false;
 }
 
+#endif
+
 #endif /* INCLUDE_integer_h__ */