Re: [PATCH v2 1/6] libfdt: fdt_add_string_(): Fix comparison warning

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Thu, Oct 01, 2020 at 05:46:25PM +0100, Andre Przywara wrote:
> With -Wsign-compare, compilers warn about a mismatching signedness
> in a comparison in fdt_add_string_().
> 
> Make all variables unsigned, and express the negative offset trick via
> subtractions in the code.
> 
> Signed-off-by: Andre Przywara <andre.przywara@xxxxxxx>

Applied.  I think there are some followup improvements we could make
here, though.

> ---
>  libfdt/fdt_sw.c | 14 +++++++-------
>  1 file changed, 7 insertions(+), 7 deletions(-)
> 
> diff --git a/libfdt/fdt_sw.c b/libfdt/fdt_sw.c
> index 8de18fd..354f466 100644
> --- a/libfdt/fdt_sw.c
> +++ b/libfdt/fdt_sw.c
> @@ -250,18 +250,18 @@ int fdt_end_node(void *fdt)
>  static int fdt_add_string_(void *fdt, const char *s)
>  {
>  	char *strtab = (char *)fdt + fdt_totalsize(fdt);
> -	int strtabsize = fdt_size_dt_strings(fdt);
> -	int len = strlen(s) + 1;
> -	int struct_top, offset;
> +	unsigned int strtabsize = fdt_size_dt_strings(fdt);
> +	unsigned int len = strlen(s) + 1;

In both the old and new versions, there's an implicit cast from size_t
here, which I think could theoretically overflow (with a colossal
string, 32-bit ints and 64-bit pointers/size_t).  So we probably
should actually check that this is <= INT_MAX.

> +	unsigned int struct_top, offset;
>  
> -	offset = -strtabsize - len;
> +	offset = strtabsize + len;
>  	struct_top = fdt_off_dt_struct(fdt) + fdt_size_dt_struct(fdt);
> -	if (fdt_totalsize(fdt) + offset < struct_top)
> +	if (fdt_totalsize(fdt) - offset < struct_top)

Likewise we should check that totalisize - offset doesn't overflow
(underflow?).

>  		return 0; /* no more room :( */
>  
> -	memcpy(strtab + offset, s, len);
> +	memcpy(strtab - offset, s, len);
>  	fdt_set_size_dt_strings(fdt, strtabsize + len);
> -	return offset;
> +	return -offset;
>  }
>  
>  /* Must only be used to roll back in case of error */

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

Attachment: signature.asc
Description: PGP signature

[Index of Archives]     [Device Tree]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]

  Powered by Linux