On Mon, Oct 08, 2018 at 11:47:09AM -0700, Bart Van Assche wrote:
> On Thu, 2018-10-04 at 23:57 -0700, Nathan Chancellor wrote:
> > Regardless of how the overflow is handled within the switch statement,
> > the overflow is also happening when passing in these values to the ioctl,
> > right? I mean these case values are defined in the uapi files so that
> > userspace can easily pass them in to the ioctl, meaning those values are
> > being passed in as a signed integer and I would assume subsequently
> > overflowing unless I'm just missing something here.
> 
> From the user space header <sys/ioctl.h>:
> 
> extern int ioctl (int __fd, unsigned long int __request, ...) __THROW;
> 
> From the kernel header <linux/fs.h>:
> 
> long (*unlocked_ioctl) (struct file *, unsigned int, unsigned long);
> long (*compat_ioctl) (struct file *, unsigned int, unsigned long);
> 
> Why has the second argument been declared as "unsigned long" in the glibc
> headers and as "unsigned int" in the kernel headers? That's not clear to me.
> 
> Bart.
> 

Hi Bart,

Sorry it took me so long to reply, somehow this email got lost in my inbox...

Unfortunately, I am unsure why there is that discrepancy between the headers. I tried to do some research but I didn't come up with much. However, I did test changing the type of ioctl/compat_ioctl's cmd parameter to 'unsigned int' and came up with the following diff (rather large so sharing via a gist instead of pasting here):

https://gist.github.com/nathanchance/8febc92735f4228574cb0464520f0f6f

I'll obviously draft up a proper commit message before formally sending but I can address any major concerns before that happens. I checked every single ioctl for a negative value and there aren't any so I think this change makes sense to fix this warning.

Cheers,
Nathan
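The following is an added example and is not code from this thread, from Nathan's gist, or from the kernel. It shows where the overflow the two messages discuss comes from: an ioctl command number whose direction field includes `_IOC_READ` has bit 31 set, so it does not fit in a signed `int`, while a handler declared with the kernel's own `unsigned int cmd` prototype compares the case labels as written. The `EX_*` macros are local stand-ins that mirror the asm-generic `<linux/ioctl.h>` layout (dir:2 | size:14 | type:8 | nr:8) so the file builds outside a kernel tree; the `EX_MAGIC` driver and its four commands are constructed, and `round_trip_via_user_abi()` is a C-level model of the glibc `unsigned long` / kernel `unsigned int` prototypes Bart quotes, not the actual syscall register path.

```c
/* Added example: why READ-direction ioctl numbers overflow a signed int,
 * a table scan for such numbers, and a handler using the kernel's
 * 'unsigned int cmd' prototype. Not code from the thread or the kernel. */
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Local stand-ins that mirror the asm-generic <linux/ioctl.h> field layout
 * (dir:2 | size:14 | type:8 | nr:8); defined here so this builds anywhere. */
#define EX_IOC_NRSHIFT    0
#define EX_IOC_TYPESHIFT  8
#define EX_IOC_SIZESHIFT  16
#define EX_IOC_DIRSHIFT   30
#define EX_IOC_NONE   0U
#define EX_IOC_WRITE  1U
#define EX_IOC_READ   2U

#define EX_IOC(dir, type, nr, size)                                   \
    (((unsigned int)(dir)  << EX_IOC_DIRSHIFT)  |                     \
     ((unsigned int)(size) << EX_IOC_SIZESHIFT) |                     \
     ((unsigned int)(type) << EX_IOC_TYPESHIFT) |                     \
     ((unsigned int)(nr)   << EX_IOC_NRSHIFT))
#define EX_IO(type, nr)         EX_IOC(EX_IOC_NONE, (type), (nr), 0)
#define EX_IOW(type, nr, size)  EX_IOC(EX_IOC_WRITE, (type), (nr), (size))
#define EX_IOR(type, nr, size)  EX_IOC(EX_IOC_READ, (type), (nr), (size))
#define EX_IOWR(type, nr, size) EX_IOC(EX_IOC_READ | EX_IOC_WRITE, (type), (nr), (size))

/* Constructed command set for a hypothetical driver (magic 'X'). */
#define EX_MAGIC        'X'
#define EX_RESET        EX_IO(EX_MAGIC, 0)          /* 0x00005800 */
#define EX_SET_TIMEOUT  EX_IOW(EX_MAGIC, 1, 4)      /* 0x40045801 */
#define EX_GET_VERSION  EX_IOR(EX_MAGIC, 2, 4)      /* 0x80045802: bit 31 set */
#define EX_XFER         EX_IOWR(EX_MAGIC, 3, 16)    /* 0xC0105803: bit 31 set */

static const unsigned int ex_cmd_table[] = {
    EX_RESET, EX_SET_TIMEOUT, EX_GET_VERSION, EX_XFER,
};
#define EX_CMD_COUNT (sizeof(ex_cmd_table) / sizeof(ex_cmd_table[0]))

/* 1 when cmd survives conversion to a signed int unchanged (bit 31 clear).
 * Every number whose direction includes READ fails this check. */
int cmd_fits_int(unsigned int cmd)
{
    return cmd <= (unsigned int)INT_MAX;
}

/* The scan Nathan describes, over a command table: how many entries would
 * be flagged as overflowing if the handler's cmd parameter were 'int'. */
size_t count_overflowing_cmds(const unsigned int *cmds, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (!cmd_fits_int(cmds[i]))
            bad++;
    return bad;
}

/* Model of the two prototypes in the thread: userspace holds the uapi
 * constant in an int (wraps negative for READ numbers), passes it through
 * glibc's 'unsigned long' argument, and the kernel reads 'unsigned int'.
 * Returns 1 if the kernel sees the original 32-bit value. */
int round_trip_via_user_abi(unsigned int uapi_cmd)
{
    int           as_int   = (int)uapi_cmd;               /* userspace variable  */
    unsigned long as_glibc = (unsigned long)as_int;       /* ioctl(2) argument   */
    unsigned int  in_kernel = (unsigned int)as_glibc;     /* unlocked_ioctl cmd  */
    return in_kernel == uapi_cmd;
}

/* Handler with the kernel prototype's type for cmd. Because the controlling
 * expression is unsigned int, no case label needs a narrowing conversion. */
long ex_dispatch(unsigned int cmd)
{
    switch (cmd) {
    case EX_RESET:       return 0;
    case EX_SET_TIMEOUT: return 1;
    case EX_GET_VERSION: return 2;
    case EX_XFER:        return 3;
    default:             return -ENOTTY;
    }
}

int main(void)
{
    for (size_t i = 0; i < EX_CMD_COUNT; i++)
        printf("0x%08x fits int: %d  round-trips: %d\n", ex_cmd_table[i],
               cmd_fits_int(ex_cmd_table[i]),
               round_trip_via_user_abi(ex_cmd_table[i]));
    printf("%zu of %zu commands exceed INT_MAX\n",
           count_overflowing_cmds(ex_cmd_table, EX_CMD_COUNT), EX_CMD_COUNT);
    return 0;
}
```

The round-trip function shows why the wrap is harmless at the ABI boundary (sign extension into `unsigned long` followed by truncation to `unsigned int` reproduces the original bits), so the warning is about a type mismatch inside the driver rather than a wrong value reaching the handler; matching the kernel's `unsigned int cmd` prototype removes the narrowing conversion at the case labels.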