diff options
| author | Luc Van Oostenryck <luc.vanoostenryck@gmail.com> | 2017-05-25 15:53:53 +0200 |
|---|---|---|
| committer | Luc Van Oostenryck <luc.vanoostenryck@gmail.com> | 2017-06-15 10:03:49 +0200 |
| commit | d33fdf2c0ad3a296064b592bbcdc2355c4f41dc0 (patch) | |
| tree | 6ab010a8e297d05971a01fe1ae5edb2ab0440115 /sparse.c | |
| parent | 13e3bd1f96cd46f5036f5bc6c27bfcb37b44c83c (diff) | |
| download | sparse-dev-d33fdf2c0ad3a296064b592bbcdc2355c4f41dc0.tar.gz | |
memcpy()'s byte count is unsigned
The checker part of sparse does some checking on memcpy(),
memset(), copy_{from,to}_user() byte count and warn if the
value is known to be too large. The comparison is done with
signed numbers and it also warns if the value is negative.
However these functions take an unsigned byte count (size_t)
and so the value can't really be negative.
Additionaly, the number of bits used by sparse internally may not
be the same as the one used for the target's size_t. So sparse's
check against negative value may not be the same as checking if
the target's value would be so-large-than-the-upper-bit-is-set.
Change this by removing the test for negative values and simply
do an unsigned compare.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
Diffstat (limited to 'sparse.c')
| -rw-r--r-- | sparse.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -152,9 +152,9 @@ static void check_byte_count(struct instruction *insn, pseudo_t count) if (!count) return; if (count->type == PSEUDO_VAL) { - long long val = count->value; - if (val <= 0 || val > 100000) - warning(insn->pos, "%s with byte count of %lld", + unsigned long long val = count->value; + if (val > 100000ULL) + warning(insn->pos, "%s with byte count of %llu", show_ident(insn->func->sym->ident), val); return; } |