net: dccp: fix sign bug

'gap' is unsigned, so this code is wrong: gap = -new_head; ... if (gap > 0) { ... } Make 'gap' signed. The semantic patch that finds this problem (many false-positive results): (http://coccinelle.lip6.fr/) // <smpl> @ r1 @ identifier f; @@ int f(...) { ... } @@ identifier r1.f; type T; unsigned T x; @@ *x = f(...) ... *x > 0 Signed-off-by: N Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

net: dccp: fix sign bug
'gap' is unsigned, so this code is wrong: gap = -new_head; ... if (gap > 0) { ... } Make 'gap' signed. The semantic patch that finds this problem (many false-positive results): (http://coccinelle.lip6.fr/) // <smpl> @ r1 @ identifier f; @@ int f(...) { ... } @@ identifier r1.f; type T; unsigned T x; @@ *x = f(...) ... *x > 0 Signed-off-by: N Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
8e64159d · Kulikov Vasiliy · David S. Miller · bfc978fa · 8e64159d
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

net/dccp/ackvec.c net/dccp/ackvec.c +1 -1

未找到文件。
--- a/net/dccp/ackvec.c
+++ b/net/dccp/ackvec.c
@@ -201,7 +201,7 @@ static inline int dccp_ackvec_set_buf_head_state(struct dccp_ackvec *av,
 						 const unsigned int packets,
 						 const unsigned char state)
 {
-	unsigned int gap;
+	long gap;
 	long new_head;
 	if (av->av_vec_len + packets > DCCP_MAX_ACKVEC_LEN)