From e660c2eded36787c55290bec15ec37ebbe7541ee Mon Sep 17 00:00:00 2001
From: Quinton Miller <nicetas.c@gmail.com>
Date: Sun, 2 Apr 2023 18:56:23 +0800
Subject: [PATCH] Fix `Pointer#copy_to` overflow on unsigned size and different
 target type

---
 spec/std/pointer_spec.cr | 7 +++++++
 src/pointer.cr           | 3 ++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/spec/std/pointer_spec.cr b/spec/std/pointer_spec.cr
index 87772f92c6a2..ae51706cf6f6 100644
--- a/spec/std/pointer_spec.cr
+++ b/spec/std/pointer_spec.cr
@@ -85,6 +85,13 @@ describe "Pointer" do
       p1.copy_to(p2 || p3, 4)
       4.times { |i| p2[i].should eq(p1[i]) }
     end
+
+    it "doesn't raise OverflowError on unsigned size and different target type" do
+      p1 = Pointer.malloc(4, 1)
+      p2 = Pointer.malloc(4, 0 || nil)
+      p1.copy_to(p2, 4_u32)
+      4.times { |i| p2[i].should eq(p1[i]) }
+    end
   end
 
   describe "move_from" do
diff --git a/src/pointer.cr b/src/pointer.cr
index 11ee89c0101c..2479ef0bbb77 100644
--- a/src/pointer.cr
+++ b/src/pointer.cr
@@ -247,7 +247,8 @@ struct Pointer(T)
     if self.class == source.class
       Intrinsics.memcpy(self.as(Void*), source.as(Void*), bytesize(count), false)
     else
-      while (count -= 1) >= 0
+      while count > 0
+        count &-= 1
         self[count] = source[count]
       end
     end