basic/xattr-util: do not cast ssize_t to int

gcc warns about unitialized memory access because it notices that ssize_t which
is < 0 could be cast to positive int value. We know that this can't really
happen because only -1 can be returned, but OTOH, in principle a large
*positive* value cannot be cast properly. This is unlikely too, since xattrs
cannot be too large, but it seems cleaner to just use a size_t to return the
value and avoid the cast altoghter. This makes the code simpler and gcc is
happy too.

The following warning goes away:
[113/1502] Compiling C object 'src/basic/basic@sta/xattr-util.c.o'.
In file included from ../src/basic/alloc-util.h:28:0,
                 from ../src/basic/xattr-util.c:30:
../src/basic/xattr-util.c: In function ‘fd_getcrtime_at’:
../src/basic/macro.h:207:60: warning: ‘b’ may be used uninitialized in this function [-Wmaybe-uninitialized]
                 UNIQ_T(A,aq) < UNIQ_T(B,bq) ? UNIQ_T(A,aq) : UNIQ_T(B,bq); \
                                                            ^
../src/basic/xattr-util.c:155:19: note: ‘b’ was declared here
         usec_t a, b;
                   ^

diff --git a/src/basic/xattr-util.c b/src/basic/xattr-util.c
index 077b7386102960d340cd985cfb1a858617f3e7d2..dc4e80217d581dc9bcb6dc30fb6965fc620f61d1 100644 (file)
--- a/src/basic/xattr-util.c
+++ b/src/basic/xattr-util.c
@@ -108,7 +108,14 @@ int fgetxattr_malloc(int fd, const char *name, char **value) {
 }
 
 #if 0 /// UNNEEDED by elogind
-ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, void *value, size_t size, int flags) {
+int fgetxattrat_fake(
+                int dirfd,
+                const char *filename,
+                const char *attribute,
+                void *value, size_t size,
+                int flags,
+                size_t *ret_size) {
+
         char fn[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1];
         _cleanup_close_ int fd = -1;
         ssize_t l;
@@ -135,7 +142,8 @@ ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute,
         if (l < 0)
                 return -errno;
 
-        return l;
+        *ret_size = l;
+        return 0;
 }
 
 static int parse_crtime(le64_t le, usec_t *usec) {
@@ -155,7 +163,7 @@ int fd_getcrtime_at(int dirfd, const char *name, usec_t *ret, int flags) {
         struct_statx sx;
         usec_t a, b;
         le64_t le;
-        ssize_t n;
+        size_t n;
         int r;
 
         assert(ret);
@@ -181,13 +189,13 @@ int fd_getcrtime_at(int dirfd, const char *name, usec_t *ret, int flags) {
         else
                 a = USEC_INFINITY;
 
-        n = fgetxattrat_fake(dirfd, name, "user.crtime_usec", &le, sizeof(le), flags);
-        if (n < 0)
-                r = -errno;
-        else if (n != sizeof(le))
-                r = -EIO;
-        else
-                r = parse_crtime(le, &b);
+        r = fgetxattrat_fake(dirfd, name, "user.crtime_usec", &le, sizeof(le), flags, &n);
+        if (r >= 0) {
+                if (n != sizeof(le))
+                        r = -EIO;
+                else
+                        r = parse_crtime(le, &b);
+        }
         if (r < 0) {
                 if (a != USEC_INFINITY) {
                         *ret = a;

diff --git a/src/basic/xattr-util.h b/src/basic/xattr-util.h
index 63ac72f725c9fb2123258e9c061b16d0f7e16fa1..e593c210f52a0d112018a145bfb0e9eb8d29b8d1 100644 (file)
--- a/src/basic/xattr-util.h
+++ b/src/basic/xattr-util.h
@@ -30,7 +30,13 @@ int getxattr_malloc(const char *path, const char *name, char **value, bool allow
 int fgetxattr_malloc(int fd, const char *name, char **value);
 
 #if 0 /// UNNEEDED by elogind
-ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, void *value, size_t size, int flags);
+int fgetxattrat_fake(
+                int dirfd,
+                const char *filename,
+                const char *attribute,
+                void *value, size_t size,
+                int flags,
+                size_t *ret_size);
 
 int fd_setcrtime(int fd, usec_t usec);