From 5e99262aaf5fc6601f3859c8b060b680b11bf6ea Mon Sep 17 00:00:00 2001
From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Thu, 4 Apr 2024 14:25:54 +1300
Subject: [PATCH] s3:util:net_registry: registry_value_cmp() uses NUMERIC_CMP()

v->type is an int-sized enum, so overflow might be possible if it could
be arbitrarily set.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15625

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
---
 source3/utils/net_registry.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c
index 92f6ebf374b..65b7136583a 100644
--- a/source3/utils/net_registry.c
+++ b/source3/utils/net_registry.c
@@ -1146,7 +1146,7 @@ static int registry_value_cmp(
 	if (v1->type == v2->type) {
 		return data_blob_cmp(&v1->data, &v2->data);
 	}
-	return v1->type - v2->type;
+	return NUMERIC_CMP(v1->type, v2->type);
 }
 
 static WERROR precheck_create_val(struct precheck_ctx *ctx,