diff options
author | Andrew G Morgan <morgan@kernel.org> | 2013-12-24 10:03:58 -0800 |
---|---|---|
committer | Andrew G Morgan <morgan@kernel.org> | 2013-12-24 10:03:58 -0800 |
commit | aed54a828a374a357847bc33b60488b402999c29 (patch) | |
tree | bdfa9324d5ec29ed4e6b559a897bd6cf114acc3b | |
parent | dfea7eba31e6d15e8a63f818bb4438340b70a8c9 (diff) | |
download | libcap-aed54a828a374a357847bc33b60488b402999c29.tar.gz |
Clean up some signed vs. unsigned comparisons in libcap.
Suggestion from Mark Wielaard @ Redhat and, more recently from Akhil Arora @ Intel.
Signed-off-by: Andrew G Morgan <morgan@kernel.org>
-rw-r--r-- | libcap/cap_alloc.c | 2 | ||||
-rw-r--r-- | libcap/cap_extint.c | 10 | ||||
-rw-r--r-- | libcap/cap_file.c | 4 | ||||
-rw-r--r-- | libcap/libcap.h | 13 |
4 files changed, 19 insertions, 10 deletions
diff --git a/libcap/cap_alloc.c b/libcap/cap_alloc.c index 5fa5e93..525ea90 100644 --- a/libcap/cap_alloc.c +++ b/libcap/cap_alloc.c @@ -125,7 +125,7 @@ int cap_free(void *data_p) } if ( good_cap_string(data_p) ) { - int length = strlen(data_p) + sizeof(__u32); + size_t length = strlen(data_p) + sizeof(__u32); data_p = -1 + (__u32 *) data_p; memset(data_p, 0, length); free(data_p); diff --git a/libcap/cap_extint.c b/libcap/cap_extint.c index 5a0cc8e..7d6e7ad 100644 --- a/libcap/cap_extint.c +++ b/libcap/cap_extint.c @@ -31,7 +31,7 @@ struct cap_ext_struct { ssize_t cap_size(cap_t caps) { - return sizeof(struct cap_ext_struct); + return ssizeof(struct cap_ext_struct); } /* @@ -46,7 +46,7 @@ ssize_t cap_copy_ext(void *cap_ext, cap_t cap_d, ssize_t length) int i; /* valid arguments? */ - if (!good_cap_t(cap_d) || length < sizeof(struct cap_ext_struct) + if (!good_cap_t(cap_d) || length < ssizeof(struct cap_ext_struct) || cap_ext == NULL) { errno = EINVAL; return -1; @@ -57,7 +57,7 @@ ssize_t cap_copy_ext(void *cap_ext, cap_t cap_d, ssize_t length) result->length_of_capset = CAP_SET_SIZE; for (i=0; i<NUMBER_OF_CAP_SETS; ++i) { - int j; + size_t j; for (j=0; j<CAP_SET_SIZE; ) { __u32 val; @@ -71,7 +71,7 @@ ssize_t cap_copy_ext(void *cap_ext, cap_t cap_d, ssize_t length) } /* All done: return length of external representation */ - return (sizeof(struct cap_ext_struct)); + return (ssizeof(struct cap_ext_struct)); } /* @@ -99,7 +99,7 @@ cap_t cap_copy_int(const void *cap_ext) blen = export->length_of_capset; for (set=0; set<NUMBER_OF_CAP_SETS; ++set) { - int blk; + unsigned blk; int bno = 0; for (blk=0; blk<(CAP_SET_SIZE/sizeof(__u32)); ++blk) { __u32 val = 0; diff --git a/libcap/cap_file.c b/libcap/cap_file.c index 634e601..d3dc1d0 100644 --- a/libcap/cap_file.c +++ b/libcap/cap_file.c @@ -187,7 +187,7 @@ cap_t cap_get_fd(int fildes) /* fill the capability sets via a system call */ sizeofcaps = fgetxattr(fildes, XATTR_NAME_CAPS, &rawvfscap, sizeof(rawvfscap)); - if (sizeofcaps < sizeof(rawvfscap.magic_etc)) { + if (sizeofcaps < ssizeof(rawvfscap.magic_etc)) { cap_free(result); result = NULL; } else { @@ -217,7 +217,7 @@ cap_t cap_get_file(const char *filename) /* fill the capability sets via a system call */ sizeofcaps = getxattr(filename, XATTR_NAME_CAPS, &rawvfscap, sizeof(rawvfscap)); - if (sizeofcaps < sizeof(rawvfscap.magic_etc)) { + if (sizeofcaps < ssizeof(rawvfscap.magic_etc)) { cap_free(result); result = NULL; } else { diff --git a/libcap/libcap.h b/libcap/libcap.h index 1e66f98..2596c11 100644 --- a/libcap/libcap.h +++ b/libcap/libcap.h @@ -12,14 +12,15 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <stdint.h> #include <sys/capability.h> #ifndef __u8 -#define __u8 unsigned char +#define __u8 uint8_t #endif /* __8 */ #ifndef __u32 -#define __u32 unsigned int +#define __u32 uint32_t #endif /* __u32 */ /* include the names for the caps and a definition of __CAP_BITS */ @@ -197,4 +198,12 @@ extern int capsetp(pid_t pid, cap_t cap_d); #define PR_GET_SECUREBITS 27 #define PR_SET_SECUREBITS 28 +/* + * The library compares sizeof() with integer return values. To avoid + * signed/unsigned comparisons, leading to unfortunate + * misinterpretations of -1, we provide a convenient cast-to-signed-integer + * version of sizeof(). + */ +#define ssizeof(x) ((ssize_t) sizeof(x)) + #endif /* LIBCAP_H */ |