src/libadacl.c: cast two fgetxattr() and fsetxattr() params to size_t.

The two functions fgetxattr() and fsetxattr() take an unsigned "size"
parameter as arguments. We are passing them signed integers that we
happen to know are nonnegative, since we have ruled out the one
possible negative value -- but the compiler doesn't know that. To
avoid a warning from clang, we now cast the parameters to the
(unsigned) size_t type.

diff --git a/src/libadacl.c b/src/libadacl.c
index 53bd380a06013c5475d37c15b19ec59ad2a9c393..cdd07fcfee7c7400256e9ea619cc6abea99a195d 100644 (file)
--- a/src/libadacl.c
+++ b/src/libadacl.c
@@ -607,8 +607,14 @@ int acl_copy_xattr(int src_fd,
     return ACL_ERROR;
   }
   char* src_acl_p = alloca(src_size_guess);
-  /* The actual size may be smaller than our guess? I don't know. */
-  ssize_t src_size = fgetxattr(src_fd, src_name, src_acl_p, src_size_guess);
+  /* The actual size may be smaller than our guess? I don't know. The
+     return value from fgetxattr() will either be nonnegative, or
+     XATTR_ERROR (which we've already ruled out), so it's safe to cast
+     it to an unsigned size_t here to avoid a compiler warning. */
+  ssize_t src_size = fgetxattr(src_fd,
+                               src_name,
+                               src_acl_p,
+                               (size_t)src_size_guess);
   if (src_size == XATTR_ERROR) {
     if (errno == ENODATA) {
       /* A missing ACL isn't an error. */
@@ -618,7 +624,14 @@ int acl_copy_xattr(int src_fd,
     return ACL_ERROR;
   }
 
-  if (fsetxattr(dst_fd, dst_name, src_acl_p, src_size, 0) == XATTR_ERROR) {
+  /* See above: src_size must be nonnegative at this point,so we cast
+     it to size_t to avoid a compiler warning. */
+  if (fsetxattr(dst_fd,
+                dst_name,
+                src_acl_p,
+                (size_t)src_size,
+                0)
+      == XATTR_ERROR) {
     perror("acl_copy_xattr (fsetxattr)");
     return ACL_ERROR;
   }