author | Lennart Poettering <lennart@poettering.net> | 2018-04-27 14:09:31 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2018-04-27 14:29:06 +0200 |
commit | da6053d0a7c16795e7fac1f9ba6694863918a597 (patch) | |
tree | 0bf9555c57e4770f9ac3c189fbfdddc8265432d7 /src/basic | |
parent | 545673d4b0c1bc4d8cdbe4f326442435af86265a (diff) | |
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()'s return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
Diffstat (limited to 'src/basic')
-rw-r--r-- | src/basic/calendarspec.c | 4 | ||||
-rw-r--r-- | src/basic/conf-files.c | 2 | ||||
-rw-r--r-- | src/basic/env-util.c | 12 | ||||
-rw-r--r-- | src/basic/env-util.h | 4 | ||||
-rw-r--r-- | src/basic/escape.c | 4 | ||||
-rw-r--r-- | src/basic/fd-util.c | 10 | ||||
-rw-r--r-- | src/basic/fd-util.h | 4 | ||||
-rw-r--r-- | src/basic/io-util.h | 9 | ||||
-rw-r--r-- | src/basic/locale-util.c | 2 | ||||
-rw-r--r-- | src/basic/log.c | 2 | ||||
-rw-r--r-- | src/basic/mempool.c | 9 | ||||
-rw-r--r-- | src/basic/process-util.c | 6 | ||||
-rw-r--r-- | src/basic/process-util.h | 2 | ||||
-rw-r--r-- | src/basic/random-util.c | 2 | ||||
-rw-r--r-- | src/basic/string-util.h | 2 | ||||
-rw-r--r-- | src/basic/strv.c | 22 | ||||
-rw-r--r-- | src/basic/strv.h | 6 | ||||
-rw-r--r-- | src/basic/time-util.c | 8 |
18 files changed, 54 insertions, 56 deletions
diff --git a/src/basic/calendarspec.c b/src/basic/calendarspec.c
index 20db9181dc..24867f807b 100644
--- a/src/basic/calendarspec.c
+++ b/src/basic/calendarspec.c
@@ -84,8 +84,8 @@ static int component_compare(const void *_a, const void *_b) {
 }
 static void normalize_chain(CalendarComponent **c) {
- unsigned n = 0, k;
 CalendarComponent **b, *i, **j, *next;
+ size_t n = 0, k;
 assert(c);
@@ -420,7 +420,7 @@ static int parse_weekdays(const char **p, CalendarSpec *c) {
 assert(c);
 for (;;) {
- unsigned i;
+ size_t i;
 for (i = 0; i < ELEMENTSOF(day_nr); i++) {
 size_t skip;
diff --git a/src/basic/conf-files.c b/src/basic/conf-files.c
index 8e0fb06ad9..b5cad5a6e3 100644
--- a/src/basic/conf-files.c
+++ b/src/basic/conf-files.c
@@ -152,8 +152,8 @@ int conf_files_insert(char ***strv, const char *root, char **dirs, const char *p
 * - do nothing if our new entry matches the existing entry,
 * - replace the existing entry if our new entry has higher priority. */
+ size_t i;
 char *t;
- unsigned i;
 int r;
 for (i = 0; i < strv_length(*strv); i++) {
diff --git a/src/basic/env-util.c b/src/basic/env-util.c
index 105fa7973d..0ebf66c572 100644
--- a/src/basic/env-util.c
+++ b/src/basic/env-util.c
@@ -196,11 +196,11 @@ static int env_append(char **r, char ***k, char **a) {
 return 0;
 }
-char **strv_env_merge(unsigned n_lists, ...) {
+char **strv_env_merge(size_t n_lists, ...) {
 size_t n = 0;
 char **l, **k, **r;
 va_list ap;
- unsigned i;
+ size_t i;
 /* Merges an arbitrary number of environment sets */
@@ -275,7 +275,7 @@ static bool env_entry_has_name(const char *entry, const char *name) {
 return *t == '=';
 }
-char **strv_env_delete(char **x, unsigned n_lists, ...) {
+char **strv_env_delete(char **x, size_t n_lists, ...) {
 size_t n, i = 0;
 char **k, **r;
 va_list ap;
@@ -290,7 +290,7 @@ char **strv_env_delete(char **x, unsigned n_lists, ...) {
 return NULL;
 STRV_FOREACH(k, x) {
- unsigned v;
+ size_t v;
 va_start(ap, n_lists);
 for (v = 0; v < n_lists; v++) {
@@ -676,7 +676,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) {
 char **replace_env_argv(char **argv, char **env) {
 char **ret, **i;
- unsigned k = 0, l = 0;
+ size_t k = 0, l = 0;
 l = strv_length(argv);
@@ -690,7 +690,7 @@ char **replace_env_argv(char **argv, char **env) {
 if ((*i)[0] == '$' && !IN_SET((*i)[1], '{', '$')) {
 char *e;
 char **w, **m = NULL;
- unsigned q;
+ size_t q;
 e = strv_env_get(env, *i+1);
 if (e) {
diff --git a/src/basic/env-util.h b/src/basic/env-util.h
index 5aa3525095..3d7e14ccb1 100644
--- a/src/basic/env-util.h
+++ b/src/basic/env-util.h
@@ -37,8 +37,8 @@ char **strv_env_clean_with_callback(char **l, void (*invalid_callback)(const cha
 bool strv_env_name_is_valid(char **l);
 bool strv_env_name_or_assignment_is_valid(char **l);
-char **strv_env_merge(unsigned n_lists, ...);
-char **strv_env_delete(char **x, unsigned n_lists, ...); /* New copy */
+char **strv_env_merge(size_t n_lists, ...);
+char **strv_env_delete(char **x, size_t n_lists, ...); /* New copy */
 char **strv_env_set(char **x, const char *p); /* New copy ... */
 char **strv_env_unset(char **l, const char *p); /* In place ... */
diff --git a/src/basic/escape.c b/src/basic/escape.c
index 8b39d53f84..fe951e3db8 100644
--- a/src/basic/escape.c
+++ b/src/basic/escape.c
@@ -188,7 +188,7 @@ int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit)
 /* C++11 style 16bit unicode */
 int a[4];
- unsigned i;
+ size_t i;
 uint32_t c;
 if (length != (size_t) -1 && length < 5)
@@ -215,7 +215,7 @@ int cunescape_one(const char *p, size_t length, char32_t *ret, bool *eight_bit)
 /* C++11 style 32bit unicode */
 int a[8];
- unsigned i;
+ size_t i;
 char32_t c;
 if (length != (size_t) -1 && length < 9)
diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c
index 1159f83075..4b3e7ed557 100644
--- a/src/basic/fd-util.c
+++ b/src/basic/fd-util.c
@@ -85,8 +85,8 @@ void safe_close_pair(int p[]) {
 p[1] = safe_close(p[1]);
 }
-void close_many(const int fds[], unsigned n_fd) {
- unsigned i;
+void close_many(const int fds[], size_t n_fd) {
+ size_t i;
 assert(fds || n_fd <= 0);
@@ -178,8 +178,8 @@ int fd_cloexec(int fd, bool cloexec) {
 return 0;
 }
-_pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
- unsigned i;
+_pure_ static bool fd_in_set(int fd, const int fdset[], size_t n_fdset) {
+ size_t i;
 assert(n_fdset == 0 || fdset);
@@ -190,7 +190,7 @@ _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) {
 return false;
 }
-int close_all_fds(const int except[], unsigned n_except) {
+int close_all_fds(const int except[], size_t n_except) {
 _cleanup_closedir_ DIR *d = NULL;
 struct dirent *de;
 int r = 0;
diff --git a/src/basic/fd-util.h b/src/basic/fd-util.h
index ded022f738..89c3f34c7b 100644
--- a/src/basic/fd-util.h
+++ b/src/basic/fd-util.h
@@ -29,7 +29,7 @@ static inline int safe_close_above_stdio(int fd) {
 return safe_close(fd);
 }
-void close_many(const int fds[], unsigned n_fd);
+void close_many(const int fds[], size_t n_fd);
 int fclose_nointr(FILE *f);
 FILE* safe_fclose(FILE *f);
@@ -59,7 +59,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(DIR*, closedir);
 int fd_nonblock(int fd, bool nonblock);
 int fd_cloexec(int fd, bool cloexec);
-int close_all_fds(const int except[], unsigned n_except);
+int close_all_fds(const int except[], size_t n_except);
 int same_fd(int a, int b);
diff --git a/src/basic/io-util.h b/src/basic/io-util.h
index c34d97c653..e4717b6f30 100644
--- a/src/basic/io-util.h
+++ b/src/basic/io-util.h
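Review bot: The precondition in `close_many` is still written `assert(fds || n_fd <= 0);`, and with `n_fd` now a `size_t` the `<= 0` can only ever mean `== 0`, which reads as if a negative count were possible. The `fd_in_set` hunk in the same file already spells the same kind of guard as `assert(n_fdset == 0 || fdset);`, so I would change this one to `assert(fds || n_fd == 0);` to match. The same `l <= 0` form on a `size_t` shows up in the `strv_parse_nulstr` hunk of strv.c. close_many's body continues outside the hunk.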
@@ -28,9 +28,8 @@ int fd_wait_for_event(int fd, int event, usec_t timeout);
 ssize_t sparse_write(int fd, const void *p, size_t sz, size_t run_length);
-static inline size_t IOVEC_TOTAL_SIZE(const struct iovec *i, unsigned n) {
- unsigned j;
- size_t r = 0;
+static inline size_t IOVEC_TOTAL_SIZE(const struct iovec *i, size_t n) {
+ size_t j, r = 0;
 for (j = 0; j < n; j++)
 r += i[j].iov_len;
@@ -38,8 +37,8 @@ static inline size_t IOVEC_TOTAL_SIZE(const struct iovec *i, unsigned n) {
 return r;
 }
-static inline size_t IOVEC_INCREMENT(struct iovec *i, unsigned n, size_t k) {
- unsigned j;
+static inline size_t IOVEC_INCREMENT(struct iovec *i, size_t n, size_t k) {
+ size_t j;
 for (j = 0; j < n; j++) {
 size_t sub;
diff --git a/src/basic/locale-util.c b/src/basic/locale-util.c
index 9c3f757da7..0a32bca8e8 100644
--- a/src/basic/locale-util.c
+++ b/src/basic/locale-util.c
@@ -71,7 +71,7 @@ static int add_locales_from_archive(Set *locales) {
 _cleanup_close_ int fd = -1;
 size_t sz = 0;
 struct stat st;
- unsigned i;
+ size_t i;
 int r;
 fd = open("/usr/lib/locale/locale-archive", O_RDONLY|O_NOCTTY|O_CLOEXEC);
diff --git a/src/basic/log.c b/src/basic/log.c
index bab61d3140..77d016ecb3 100644
--- a/src/basic/log.c
+++ b/src/basic/log.c
@@ -341,8 +341,8 @@ static int write_to_console(
 char location[256], prefix[1 + DECIMAL_STR_MAX(int) + 2];
 struct iovec iovec[6] = {};
- unsigned n = 0;
 bool highlight;
+ size_t n = 0;
 if (console_fd < 0)
 return 0;
diff --git a/src/basic/mempool.c b/src/basic/mempool.c
index de04215ee9..4be4a3d38e 100644
--- a/src/basic/mempool.c
+++ b/src/basic/mempool.c
@@ -15,12 +15,12 @@
 struct pool {
 struct pool *next;
- unsigned n_tiles;
- unsigned n_used;
+ size_t n_tiles;
+ size_t n_used;
 };
 void* mempool_alloc_tile(struct mempool *mp) {
- unsigned i;
+ size_t i;
 /* When a tile is released we add it to the list and simply
 * place the next pointer at its offset 0. */
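Review bot: `IOVEC_TOTAL_SIZE` still folds every length into `r` with a bare `r += i[j].iov_len;`, so the total can wrap around `size_t` without any signal, and a caller that sizes a buffer or bounds a copy from this value would then work with a number smaller than the real sum. Since the commit message names overflow protection as the motivation, I would saturate inside the loop with `if (i[j].iov_len > SIZE_MAX - r) return SIZE_MAX;` before the addition, or at least add a comment above the function saying `/* Does not check for overflow; callers must bound the iovec lengths */`. The function's closing `return r;` sits in the following hunk.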
@@ -38,8 +38,7 @@ void* mempool_alloc_tile(struct mempool *mp) {
 if (_unlikely_(!mp->first_pool) || _unlikely_(mp->first_pool->n_used >= mp->first_pool->n_tiles)) {
- unsigned n;
- size_t size;
+ size_t size, n;
 struct pool *p;
 n = mp->first_pool ? mp->first_pool->n_tiles : 0;
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 76bc9a0cb6..960920d3dd 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -880,7 +880,7 @@ int getenv_for_pid(pid_t pid, const char *field, char **ret) {
 do {
 char line[LINE_MAX];
- unsigned i;
+ size_t i;
 for (i = 0; i < sizeof(line)-1; i++) {
 int c;
@@ -1375,9 +1375,9 @@ int safe_fork_full(
 return 0;
 }
-int fork_agent(const char *name, const int except[], unsigned n_except, pid_t *ret_pid, const char *path, ...) {
+int fork_agent(const char *name, const int except[], size_t n_except, pid_t *ret_pid, const char *path, ...) {
 bool stdout_is_tty, stderr_is_tty;
- unsigned n, i;
+ size_t n, i;
 va_list ap;
 char **l;
 int r;
diff --git a/src/basic/process-util.h b/src/basic/process-util.h
index 49d28cdf40..f8d1b5e3e8 100644
--- a/src/basic/process-util.h
+++ b/src/basic/process-util.h
@@ -171,7 +171,7 @@ static inline int safe_fork(const char *name, ForkFlags flags, pid_t *ret_pid) {
 return safe_fork_full(name, NULL, 0, flags, ret_pid);
 }
-int fork_agent(const char *name, const int except[], unsigned n_except, pid_t *pid, const char *path, ...);
+int fork_agent(const char *name, const int except[], size_t n_except, pid_t *pid, const char *path, ...);
 #if SIZEOF_PID_T == 4
 /* The highest possibly (theoretic) pid_t value on this architecture. */
diff --git a/src/basic/random-util.c b/src/basic/random-util.c
index 1623932f18..0750083b88 100644
--- a/src/basic/random-util.c
+++ b/src/basic/random-util.c
@@ -35,7 +35,7 @@ int acquire_random_bytes(void *p, size_t n, bool high_quality_required) {
 static int have_syscall = -1;
 _cleanup_close_ int fd = -1;
- unsigned already_done = 0;
+ size_t already_done = 0;
 int r;
 /* Gathers some randomness from the kernel. This call will never block. If
diff --git a/src/basic/string-util.h b/src/basic/string-util.h
index 4f500c87d4..3004b924bd 100644
--- a/src/basic/string-util.h
+++ b/src/basic/string-util.h
@@ -109,7 +109,7 @@ char *strjoin_real(const char *x, ...) _sentinel_;
 const char *_appendees_[] = { a, __VA_ARGS__ }; \
 char *_d_, *_p_; \
 size_t _len_ = 0; \
- unsigned _i_; \
+ size_t _i_; \
 for (_i_ = 0; _i_ < ELEMENTSOF(_appendees_) && _appendees_[_i_]; _i_++) \
 _len_ += strlen(_appendees_[_i_]); \
 _p_ = _d_ = alloca(_len_ + 1); \
diff --git a/src/basic/strv.c b/src/basic/strv.c
index 07ac8834be..cb91f239e8 100644
--- a/src/basic/strv.c
+++ b/src/basic/strv.c
@@ -107,8 +107,8 @@ char **strv_copy(char * const *l) {
 return r;
 }
-unsigned strv_length(char * const *l) {
- unsigned n = 0;
+size_t strv_length(char * const *l) {
+ size_t n = 0;
 if (!l)
 return 0;
@@ -122,7 +122,7 @@ unsigned strv_length(char * const *l) {
 char **strv_new_ap(const char *x, va_list ap) {
 const char *s;
 char **a;
- unsigned n = 0, i = 0;
+ size_t n = 0, i = 0;
 va_list aq;
 /* As a special trick we ignore all listed strings that equal
@@ -257,7 +257,7 @@ int strv_extend_strv_concat(char ***a, char **b, const char *suffix) {
 char **strv_split(const char *s, const char *separator) {
 const char *word, *state;
 size_t l;
- unsigned n, i;
+ size_t n, i;
 char **r;
 assert(s);
@@ -287,7 +287,7 @@ char **strv_split(const char *s, const char *separator) {
 char **strv_split_newlines(const char *s) {
 char **l;
- unsigned n;
+ size_t n;
 assert(s);
@@ -380,7 +380,7 @@ char *strv_join(char **l, const char *separator) {
 int strv_push(char ***l, char *value) {
 char **c;
- unsigned n, m;
+ size_t n, m;
 if (!value)
 return 0;
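Review bot: In `acquire_random_bytes` the context line `int r;` stays narrow right next to the widened `size_t already_done`. The body is outside this hunk, so this is an assumption to confirm: if `r` receives the byte count of a read-style call and is then copied into `already_done`, the count still passes through an `int` and the progress accounting for the request is only as wide as that. I would either hold that result in an `ssize_t` or add a comment at the declaration such as `/* r holds a per-call byte count, which is assumed to fit in int */`.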
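Review bot: Widening the return type of `strv_length()` to `size_t` means any caller that keeps the result in an `unsigned` or `int`, or prints it with `%u`, now narrows silently or mismatches its format string on 64-bit. This page is limited to `src/basic`, so those callers cannot be checked from here. I would grep the tree for assignments and format strings that consume the result and move them to `size_t` and `%zu`, and add a one-line comment above the definition: `/* Returns the number of entries, not counting the trailing NULL; store in size_t */`.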
@@ -405,7 +405,7 @@ int strv_push(char ***l, char *value) {
 int strv_push_pair(char ***l, char *a, char *b) {
 char **c;
- unsigned n, m;
+ size_t n, m;
 if (!a && !b)
 return 0;
@@ -431,9 +431,9 @@ int strv_push_pair(char ***l, char *a, char *b) {
 return 0;
 }
-int strv_insert(char ***l, unsigned position, char *value) {
+int strv_insert(char ***l, size_t position, char *value) {
 char **c;
- unsigned n, m, i;
+ size_t n, m, i;
 if (!value)
 return 0;
@@ -601,7 +601,7 @@ char **strv_parse_nulstr(const char *s, size_t l) {
 */
 const char *p;
- unsigned c = 0, i = 0;
+ size_t c = 0, i = 0;
 char **v;
 assert(s || l <= 0);
@@ -765,7 +765,7 @@ int strv_extendf(char ***l, const char *format, ...) {
 }
 char **strv_reverse(char **l) {
- unsigned n, i;
+ size_t n, i;
 n = strv_length(l);
 if (n <= 1)
diff --git a/src/basic/strv.h b/src/basic/strv.h
index 79512c0ce3..958c5f3a98 100644
--- a/src/basic/strv.h
+++ b/src/basic/strv.h
@@ -32,7 +32,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(char**, strv_free_erase);
 void strv_clear(char **l);
 char **strv_copy(char * const *l);
-unsigned strv_length(char * const *l) _pure_;
+size_t strv_length(char * const *l) _pure_;
 int strv_extend_strv(char ***a, char **b, bool filter_duplicates);
 int strv_extend_strv_concat(char ***a, char **b, const char *suffix);
@@ -41,7 +41,7 @@ int strv_extendf(char ***l, const char *format, ...) _printf_(2,0);
 int strv_extend_front(char ***l, const char *value);
 int strv_push(char ***l, char *value);
 int strv_push_pair(char ***l, char *a, char *b);
-int strv_insert(char ***l, unsigned position, char *value);
+int strv_insert(char ***l, size_t position, char *value);
 static inline int strv_push_prepend(char ***l, char *value) {
 return strv_insert(l, 0, value);
@@ -113,7 +113,7 @@ void strv_print(char **l);
 if (!first) \
 _l = (char**) &first; \
 else { \
- unsigned _n; \
+ size_t _n; \
 va_list _ap; \
 \
 _n = 1; \
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
index f7067e9d0c..0880d00ef3 100644
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@@ -434,7 +434,7 @@ char *format_timespan(char *buf, size_t l, usec_t t, usec_t accuracy) {
 { "us", 1 },
 };
- unsigned i;
+ size_t i;
 char *p = buf;
 bool something = false;
@@ -612,7 +612,7 @@ static int parse_timestamp_impl(const char *t, usec_t *usec, bool with_tz) {
 time_t x;
 usec_t x_usec, plus = 0, minus = 0, ret;
 int r, weekday = -1, dst = -1;
- unsigned i;
+ size_t i;
 /*
 * Allowed syntaxes:
@@ -960,7 +960,7 @@ static char* extract_multiplier(char *p, usec_t *multiplier) {
 { "us", 1ULL },
 { "µs", 1ULL },
 };
- unsigned i;
+ size_t i;
 for (i = 0; i < ELEMENTSOF(table); i++) {
 char *e;
@@ -1134,8 +1134,8 @@ int parse_nsec(const char *t, nsec_t *nsec) {
 for (;;) {
 long long l, z = 0;
+ size_t n = 0, i;
 char *e;
- unsigned i, n = 0;
 p += strspn(p, WHITESPACE); |