From: Zbigniew Jędrzejewski-Szmek Date: Sun, 25 Feb 2018 20:25:33 +0000 (+0100) Subject: basic/xattr-util: do not cast ssize_t to int X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=2ec539cba1bc8ad1f6437eb91e4b81db7944e124;p=elogind.git basic/xattr-util: do not cast ssize_t to int gcc warns about unitialized memory access because it notices that ssize_t which is < 0 could be cast to positive int value. We know that this can't really happen because only -1 can be returned, but OTOH, in principle a large *positive* value cannot be cast properly. This is unlikely too, since xattrs cannot be too large, but it seems cleaner to just use a size_t to return the value and avoid the cast altoghter. This makes the code simpler and gcc is happy too. The following warning goes away: [113/1502] Compiling C object 'src/basic/basic@sta/xattr-util.c.o'. In file included from ../src/basic/alloc-util.h:28:0, from ../src/basic/xattr-util.c:30: ../src/basic/xattr-util.c: In function ‘fd_getcrtime_at’: ../src/basic/macro.h:207:60: warning: ‘b’ may be used uninitialized in this function [-Wmaybe-uninitialized] UNIQ_T(A,aq) < UNIQ_T(B,bq) ? UNIQ_T(A,aq) : UNIQ_T(B,bq); \ ^ ../src/basic/xattr-util.c:155:19: note: ‘b’ was declared here usec_t a, b; ^ --- diff --git a/src/basic/xattr-util.c b/src/basic/xattr-util.c index 077b73861..dc4e80217 100644 --- a/src/basic/xattr-util.c +++ b/src/basic/xattr-util.c @@ -108,7 +108,14 @@ int fgetxattr_malloc(int fd, const char *name, char **value) { } #if 0 /// UNNEEDED by elogind -ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, void *value, size_t size, int flags) { +int fgetxattrat_fake( + int dirfd, + const char *filename, + const char *attribute, + void *value, size_t size, + int flags, + size_t *ret_size) { + char fn[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1]; _cleanup_close_ int fd = -1; ssize_t l; 
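Review bot: The new `fgetxattrat_fake()` signature changes what the return value means, but neither this hunk nor the matching prototype hunk in xattr-util.h documents the new contract. A short comment above the definition would cover it, e.g. `/* Returns 0 on success and stores the attribute length in *ret_size; returns -errno on failure. */`. As far as the visible lines show, `*ret_size` is written only on the success path (the `@@ -135,7 +142,8 @@` hunk), so a caller that reads it after a negative return reads an indeterminate value; the comment should say so. The function body continues outside this hunk.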
@@ -135,7 +142,8 @@ ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, if (l < 0) return -errno; - return l; + *ret_size = l; + return 0; } static int parse_crtime(le64_t le, usec_t *usec) { @@ -155,7 +163,7 @@ int fd_getcrtime_at(int dirfd, const char *name, usec_t *ret, int flags) { struct_statx sx; usec_t a, b; le64_t le; - ssize_t n; + size_t n; int r; assert(ret); @@ -181,13 +189,13 @@ int fd_getcrtime_at(int dirfd, const char *name, usec_t *ret, int flags) { else a = USEC_INFINITY; - n = fgetxattrat_fake(dirfd, name, "user.crtime_usec", &le, sizeof(le), flags); - if (n < 0) - r = -errno; - else if (n != sizeof(le)) - r = -EIO; - else - r = parse_crtime(le, &b); + r = fgetxattrat_fake(dirfd, name, "user.crtime_usec", &le, sizeof(le), flags, &n); + if (r >= 0) { + if (n != sizeof(le)) + r = -EIO; + else + r = parse_crtime(le, &b); + } if (r < 0) { if (a != USEC_INFINITY) { *ret = a; diff --git a/src/basic/xattr-util.h b/src/basic/xattr-util.h index 63ac72f72..e593c210f 100644 --- a/src/basic/xattr-util.h +++ b/src/basic/xattr-util.h @@ -30,7 +30,13 @@ int getxattr_malloc(const char *path, const char *name, char **value, bool allow int fgetxattr_malloc(int fd, const char *name, char **value); #if 0 /// UNNEEDED by elogind -ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, void *value, size_t size, int flags); +int fgetxattrat_fake( + int dirfd, + const char *filename, + const char *attribute, + void *value, size_t size, + int flags, + size_t *ret_size); int fd_setcrtime(int fd, usec_t usec);
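Review bot: `*ret_size = l;` dereferences the new out-parameter unconditionally, and no NULL check on it is visible in this hunk or in the signature hunk. The lines between the two hunks are outside the view, so an existing check cannot be ruled out. If there is none, add `assert(ret_size);` next to the function's other argument checks, or make the store optional with `if (ret_size) *ret_size = l;`. The ssize_t to size_t conversion is safe only because of the `if (l < 0) return -errno;` just above it; writing `*ret_size = (size_t) l;` makes that dependency explicit.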
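Review bot: In the `fd_getcrtime_at()` hunk (`@@ -181,13 +189,13 @@`), `n != sizeof(le)` is the only visible validation of the `user.crtime_usec` value before it reaches `parse_crtime()`. Attributes in the `user.` namespace can be set by any process with write access to the file, so `le` is untrusted input; `parse_crtime()`'s body is outside the hunk, so whether it range-checks the value cannot be confirmed here. A comment on the call would record this for later readers, e.g. `/* user.* xattrs are writable by whoever can write the file: treat the stored crtime as advisory */`. The function starts and ends outside the hunk.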