On Sat, 28 May 2022 10:23:12 +0800 Wang Yufen wrote: > diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c > index 55afd7f39c04..91704bbc7715 100644 > --- a/net/ipv6/udp.c > +++ b/net/ipv6/udp.c > @@ -1308,7 +1308,7 @@ int udpv6_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) > struct ipcm6_cookie ipc6; > int addr_len = msg->msg_namelen; > bool connected = false; > - int ulen = len; > + size_t ulen = len; > int corkreq = READ_ONCE(up->corkflag) || msg->msg_flags&MSG_MORE; > int err; > int is_udplite = IS_UDPLITE(sk); No need to change ulen neither, it will not overflow and will be promoted to size_t when passed to ip6_append_data() / ip6_make_skb().
