From dcaa939a0e09bceb1392488fa126232629a63aa8 Mon Sep 17 00:00:00 2001 From: Michael Orlitzky Date: Wed, 28 Mar 2018 21:41:31 -0400 Subject: [PATCH] src/libadacl.c: cast two fgetxattr() and fsetxattr() params to size_t. The two functions fgetxattr() and fsetxattr() take an unsigned "size" parameter as arguments. We are passing them signed integers that we happen to know are nonnegative, since we have ruled out the one possible negative value -- but the compiler doesn't know that. To avoid a warning from clang, we now cast the parameters to the (unsigned) size_t type. --- src/libadacl.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/libadacl.c b/src/libadacl.c index 53bd380..cdd07fc 100644 --- a/src/libadacl.c +++ b/src/libadacl.c @@ -607,8 +607,14 @@ int acl_copy_xattr(int src_fd, return ACL_ERROR; } char* src_acl_p = alloca(src_size_guess); - /* The actual size may be smaller than our guess? I don't know. */ - ssize_t src_size = fgetxattr(src_fd, src_name, src_acl_p, src_size_guess); + /* The actual size may be smaller than our guess? I don't know. The + return value from fgetxattr() will either be nonnegative, or + XATTR_ERROR (which we've already ruled out), so it's safe to cast + it to an unsigned size_t here to avoid a compiler warning. */ + ssize_t src_size = fgetxattr(src_fd, + src_name, + src_acl_p, + (size_t)src_size_guess); if (src_size == XATTR_ERROR) { if (errno == ENODATA) { /* A missing ACL isn't an error. */ @@ -618,7 +624,14 @@ int acl_copy_xattr(int src_fd, return ACL_ERROR; } - if (fsetxattr(dst_fd, dst_name, src_acl_p, src_size, 0) == XATTR_ERROR) { + /* See above: src_size must be nonnegative at this point,so we cast + it to size_t to avoid a compiler warning. */ + if (fsetxattr(dst_fd, + dst_name, + src_acl_p, + (size_t)src_size, + 0) + == XATTR_ERROR) { perror("acl_copy_xattr (fsetxattr)"); return ACL_ERROR; } -- 2.43.2