Re: [PATCH 05/14] libfdt: fdt_move(): Fix comparison warnings

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, Sep 21, 2020 at 05:52:54PM +0100, Andre Przywara wrote:
> With -Wsign-compare, compilers warn about a mismatching signedness
> in comparisons in fdt_move().
> 
> This stems from "bufsize" being passed in as a signed integer, even
> though we would expect a buffer size to be positive.
> 
> Short of changing the prototype, check that bufsize is not negative, and
> cast it to an unsigned type in the comparison.
> 
> Signed-off-by: Andre Przywara <andre.przywara@xxxxxxx>

Logic looks good, but the libfdt-in-tiny-bootloaders people would
probably appreciate a !can_assume(VALID_INPUT) test to elide the check
on bufsize.

> ---
>  libfdt/fdt.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/libfdt/fdt.c b/libfdt/fdt.c
> index 04e1e06..43aaada 100644
> --- a/libfdt/fdt.c
> +++ b/libfdt/fdt.c
> @@ -314,9 +314,12 @@ const char *fdt_find_string_(const char *strtab, int tabsize, const char *s)
>  
>  int fdt_move(const void *fdt, void *buf, int bufsize)
>  {
> +	if (bufsize < 0)
> +		return -FDT_ERR_NOSPACE;
> +
>  	FDT_RO_PROBE(fdt);
>  
> -	if (fdt_totalsize(fdt) > bufsize)
> +	if (fdt_totalsize(fdt) > (unsigned int)bufsize)
>  		return -FDT_ERR_NOSPACE;
>  
>  	memmove(buf, fdt, fdt_totalsize(fdt));

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Device Tree]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]

  Powered by Linux