Coda File System

Re: [PATCH] coda compiler warning removal

From: Stephen J. Turnbull <>
Date: Fri, 12 Sep 2003 10:03:46 +0900
>>>>> "Greg" == Greg Troxel <> writes:

    Greg> But if the constant or the data type changes the code will
    Greg> be wrong and have a potential security issue.

I came to the same conclusion about some code in XEmacs recently.

Here I have to wonder if this warning doesn't expose a different bug,
namely, that vdir->d_namlen is too small a type to detect a buffer
overflow when it occurs!  (Logical possibility only, of course Jan
would never permit such a thing!  ;-)

    Greg> I wonder if one can cast the left hand variable to (unsigned
    Greg> int) and avoid the warning more safely?

I couldn't really justify that, the code in question is in the inner
loop for a lot of operations---we _want_ it optimized away.  Maybe
that's not an issue here.  FWIW here are two other options I considered:

		/* validate whether the directory file actually makes sense */
		if (vdir->d_reclen < vdir_size + vdir->d_namlen
#if sizeof(vdir->d_namlen) != sizeof(unsigned char)
		    || vdir->d_namlen > CODA_MAXNAMLEN)
 			printk("coda_venus_readdir: Invalid dir: %ld\n",
 			ret = -EBADF;

*or* (abbreviated)

#if sizeof(vdir->d_namlen) != sizeof(unsigned char)
#error !!!!! sizeof(vdir->d_namlen) has changed, audit code using it !!!!!

But both of those are uglier than the warning.  ;-)

Institute of Policy and Planning Sciences
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
               Ask not how you can "do" free software business;
              ask what your business can "do for" free software.
Received on 2003-09-11 21:06:49