From: D. Hugh Redelmeier
> Sent: 09 September 2015 21:24
...
> 2) if you use the type "unsigned int" on a 32-bit machine, you get the
> warning for an earlier conjunct:
>
> #define NLMSG_OK(nlh,len) ((len) >= (int)sizeof(struct nlmsghdr) && \
> (nlh)->nlmsg_len >= sizeof(struct nlmsghdr) && \
> (nlh)->nlmsg_len <= (len))
>
> (len) >= (int)sizeof(struct nlmsghdr) <=== unsigned >= int
>
> 3) on a 32-bit machine, size_t is likely "unsigned int" so the
> same problem as (2) should arise.
>
> 4) on a 64-bit machine with 64-bit ints, the same problems are likely.
> I don't have one to test on.
>
> Casting to "short" or "unsigned short" works, but I don't know that
> the value is guaranteed to fit in either of them.
Why not cast (nlh)->nl_msg_len instead?
Or subtract the two values and compare against zero?
Perhaps:
(typeof (len))(nlh)->nlmsg_len <= (len)
which is almost certainly safe unless 'len' is 'signed char'.
David
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
