From da6053d0a7c16795e7fac1f9ba6694863918a597 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 27 Apr 2018 14:09:31 +0200 Subject: tree-wide: be more careful with the type of array sizes Previously we were a bit sloppy with the index and size types of arrays, we'd regularly use unsigned. While I don't think this ever resulted in real issues I think we should be more careful there and follow a stricter regime: unless there's a strong reason not to use size_t for array sizes and indexes, size_t it should be. Any allocations we do ultimately will use size_t anyway, and converting forth and back between unsigned and size_t will always be a source of problems. Note that on 32bit machines "unsigned" and "size_t" are equivalent, and on 64bit machines our arrays shouldn't grow that large anyway, and if they do we have a problem, however that kind of overly large allocation we have protections for usually, but for overflows we do not have that so much, hence let's add it. So yeah, it's a story of the current code being already "good enough", but I think some extra type hygiene is better. This patch tries to be comprehensive, but it probably isn't and I missed a few cases. But I guess we can cover that later as we notice it. Among smaller fixes, this changes: 1. strv_length()' return type becomes size_t 2. the unit file changes array size becomes size_t 3. DNS answer and query array sizes become size_t Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745 --- src/activate/activate.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'src/activate') diff --git a/src/activate/activate.c b/src/activate/activate.c index d598965b47..9d027432f3 100644 --- a/src/activate/activate.c +++ b/src/activate/activate.c @@ -116,11 +116,11 @@ static int open_sockets(int *epoll_fd, bool accept) { return count; } -static int exec_process(const char* name, char **argv, char **env, int start_fd, int n_fds) { +static int exec_process(const char* name, char **argv, char **env, int start_fd, size_t n_fds) { _cleanup_strv_free_ char **envp = NULL; _cleanup_free_ char *joined = NULL; - unsigned n_env = 0, length; + size_t n_env = 0, length; const char *tocopy; char **s; int r; @@ -199,7 +199,7 @@ static int exec_process(const char* name, char **argv, char **env, int start_fd, start_fd = SD_LISTEN_FDS_START; } - if (asprintf((char**)(envp + n_env++), "LISTEN_FDS=%i", n_fds) < 0) + if (asprintf((char**)(envp + n_env++), "LISTEN_FDS=%zu", n_fds) < 0) return log_oom(); if (asprintf((char**)(envp + n_env++), "LISTEN_PID=" PID_FMT, getpid_cached()) < 0) @@ -209,18 +209,18 @@ static int exec_process(const char* name, char **argv, char **env, int start_fd, _cleanup_free_ char *names = NULL; size_t len; char *e; - int i; len = strv_length(arg_fdnames); - if (len == 1) + if (len == 1) { + size_t i; + for (i = 1; i < n_fds; i++) { r = strv_extend(&arg_fdnames, arg_fdnames[0]); if (r < 0) return log_error_errno(r, "Failed to extend strv: %m"); } - else if (len != (unsigned) n_fds) - log_warning("The number of fd names is different than number of fds: %zu vs %d", - len, n_fds); + } else if (len != n_fds) + log_warning("The number of fd names is different than number of fds: %zu vs %zu", len, n_fds); names = strv_join(arg_fdnames, ":"); if (!names) @@ -501,7 +501,7 @@ int main(int argc, char **argv, char **envp) { break; } - exec_process(argv[optind], argv + optind, envp, SD_LISTEN_FDS_START, n); + exec_process(argv[optind], argv + optind, envp, SD_LISTEN_FDS_START, (size_t) n); return EXIT_SUCCESS; } -- cgit v1.2.1