| commit | d33fdf2c0ad3a296064b592bbcdc2355c4f41dc0 | |
| author | Luc Van Oostenryck <luc.vanoostenryck@gmail.com> | |
| Thu, 25 May 2017 13:53:53 +0000 (25 15:53 +0200) | ||
| committer | Luc Van Oostenryck <luc.vanoostenryck@gmail.com> | |
| Thu, 15 Jun 2017 08:03:49 +0000 (15 10:03 +0200) | ||
| tree | 6ab010a8e297d05971a01fe1ae5edb2ab0440115 | treesnapshot (tar.gz zip) |
| parent | 13e3bd1f96cd46f5036f5bc6c27bfcb37b44c83c | commitdiff |
memcpy()'s byte count is unsigned
The checker part of sparse does some checking on memcpy(),
memset(), copy_{from,to}_user() byte count and warn if the
value is known to be too large. The comparison is done with
signed numbers and it also warns if the value is negative.
However these functions take an unsigned byte count (size_t)
and so the value can't really be negative.
Additionaly, the number of bits used by sparse internally may not
be the same as the one used for the target's size_t. So sparse's
check against negative value may not be the same as checking if
the target's value would be so-large-than-the-upper-bit-is-set.
Change this by removing the test for negative values and simply
do an unsigned compare.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
The checker part of sparse does some checking on memcpy(),
memset(), copy_{from,to}_user() byte count and warn if the
value is known to be too large. The comparison is done with
signed numbers and it also warns if the value is negative.
However these functions take an unsigned byte count (size_t)
and so the value can't really be negative.
Additionaly, the number of bits used by sparse internally may not
be the same as the one used for the target's size_t. So sparse's
check against negative value may not be the same as checking if
the target's value would be so-large-than-the-upper-bit-is-set.
Change this by removing the test for negative values and simply
do an unsigned compare.
Signed-off-by: Luc Van Oostenryck <luc.vanoostenryck@gmail.com>
| sparse.c | diffblobblamehistory |