Enable and resolve sign comparisson warnings
Comparisson of different signedness can result in unexpected results due to implicit conversions. ../network.c:81:34: warning: comparison of integer expressions of different signedness: ‘__u32’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare] 81 | if (rheader->nlmsg_seq != seq_nr) | ^~ ../network.c:83:34: warning: comparison of integer expressions of different signedness: ‘__u32’ {aka ‘unsigned int’} and ‘__pid_t’ {aka ‘int’} [-Wsign-compare] 83 | if (rheader->nlmsg_pid != getpid ()) | ^~ ../bind-mount.c:268:17: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare] 268 | assert (i < n_lines); | ^ ../bind-mount.c:309:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare] 309 | assert (i == n_lines); | ^~ ../bind-mount.c:318:17: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare] 318 | for (i = 0; i < n_lines; i++) | ^ ../bind-mount.c:321:17: warning: comparison of integer expressions of different signedness: ‘int’ and ‘unsigned int’ [-Wsign-compare] 321 | for (i = 0; i < n_lines; i++) | ^ ../utils.c:818:19: warning: comparison of integer expressions of different signedness: ‘size_t’ {aka ‘long unsigned int’} and ‘ssize_t’ {aka ‘long int’} [-Wsign-compare] 818 | while (size - 2 < n); | ^ ../bubblewrap.c:489:13: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare] 489 | assert (j < sizeof(dont_close)/sizeof(*dont_close)); | ^ ../bubblewrap.c:994:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uid_t’ {aka ‘unsigned int’} [-Wsign-compare] 994 | if (setfsuid (-1) != real_uid) | ^~ ../bubblewrap.c:1042:61: warning: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘long int’} and ‘size_t’ {aka ‘long unsigned int’} [-Wsign-compare] 1042 | if (write (privileged_op_socket, buffer, buffer_size) != buffer_size) | ^~ ../bubblewrap.c:1232:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare] 1232 | for (i = 0; i < N_ELEMENTS (cover_proc_dirs); i++) | ^ ../bubblewrap.c:1260:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare] 1260 | for (i = 0; i < N_ELEMENTS (devnodes); i++) | ^ ../bubblewrap.c:1272:25: warning: comparison of integer expressions of different signedness: ‘int’ and ‘long unsigned int’ [-Wsign-compare] 1272 | for (i = 0; i < N_ELEMENTS (stdionodes); i++) | ^ ../bubblewrap.c: In function ‘read_priv_sec_op’: ../bubblewrap.c:1556:15: warning: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘long int’} and ‘long unsigned int’ [-Wsign-compare] 1556 | if (rec_len < sizeof (PrivSepOp)) | ^ ../bubblewrap.c:1626:28: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare] 1626 | if (*total_parsed_argc_p > MAX_ARGS) | ^ ../bubblewrap.c:1681:40: warning: comparison of integer expressions of different signedness: ‘int’ and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare] 1681 | if (*total_parsed_argc_p > MAX_ARGS) | ^ ../bubblewrap.c:2265:31: warning: comparison of integer expressions of different signedness: ‘uid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare] 2265 | if (opt_sandbox_uid != -1) | ^~ ../bubblewrap.c:2285:31: warning: comparison of integer expressions of different signedness: ‘gid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare] 2285 | if (opt_sandbox_gid != -1) | ^~ ../bubblewrap.c:2678:23: warning: comparison of integer expressions of different signedness: ‘uid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare] 2678 | if (opt_sandbox_uid == -1) | ^~ ../bubblewrap.c:2680:23: warning: comparison of integer expressions of different signedness: ‘gid_t’ {aka ‘unsigned int’} and ‘int’ [-Wsign-compare] 2680 | if (opt_sandbox_gid == -1) | ^~ Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
@@ -237,7 +237,7 @@ parse_mountinfo (int proc_fd,
|
|||||||
MountInfo *end_tab;
|
MountInfo *end_tab;
|
||||||
int n_mounts;
|
int n_mounts;
|
||||||
char *line;
|
char *line;
|
||||||
int i;
|
unsigned int i;
|
||||||
int max_id;
|
int max_id;
|
||||||
unsigned int n_lines;
|
unsigned int n_lines;
|
||||||
int root;
|
int root;
|
||||||
|
20
bubblewrap.c
20
bubblewrap.c
@@ -496,7 +496,7 @@ monitor_child (int event_fd, pid_t child_pid, int setup_finished_fd)
|
|||||||
int num_fds;
|
int num_fds;
|
||||||
struct signalfd_siginfo fdsi;
|
struct signalfd_siginfo fdsi;
|
||||||
int dont_close[] = {-1, -1, -1, -1};
|
int dont_close[] = {-1, -1, -1, -1};
|
||||||
int j = 0;
|
unsigned int j = 0;
|
||||||
int exitc;
|
int exitc;
|
||||||
pid_t died_pid;
|
pid_t died_pid;
|
||||||
int died_status;
|
int died_status;
|
||||||
@@ -1014,7 +1014,7 @@ write_uid_gid_map (uid_t sandbox_uid,
|
|||||||
if (is_privileged)
|
if (is_privileged)
|
||||||
{
|
{
|
||||||
setfsuid (old_fsuid);
|
setfsuid (old_fsuid);
|
||||||
if (setfsuid (-1) != real_uid)
|
if ((uid_t) setfsuid (-1) != real_uid)
|
||||||
die ("Unable to re-set fsuid");
|
die ("Unable to re-set fsuid");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1065,7 +1065,7 @@ privileged_op (int privileged_op_socket,
|
|||||||
if (arg2 != NULL)
|
if (arg2 != NULL)
|
||||||
strcpy ((char *) buffer + arg2_offset, arg2);
|
strcpy ((char *) buffer + arg2_offset, arg2);
|
||||||
|
|
||||||
if (write (privileged_op_socket, buffer, buffer_size) != buffer_size)
|
if (write (privileged_op_socket, buffer, buffer_size) != (ssize_t)buffer_size)
|
||||||
die ("Can't write to privileged_op_socket");
|
die ("Can't write to privileged_op_socket");
|
||||||
|
|
||||||
if (read (privileged_op_socket, buffer, 1) != 1)
|
if (read (privileged_op_socket, buffer, 1) != 1)
|
||||||
@@ -1182,7 +1182,7 @@ setup_newroot (bool unshare_pid,
|
|||||||
cleanup_free char *source = NULL;
|
cleanup_free char *source = NULL;
|
||||||
cleanup_free char *dest = NULL;
|
cleanup_free char *dest = NULL;
|
||||||
int source_mode = 0;
|
int source_mode = 0;
|
||||||
int i;
|
unsigned int i;
|
||||||
|
|
||||||
if (op->source &&
|
if (op->source &&
|
||||||
op->type != SETUP_MAKE_SYMLINK)
|
op->type != SETUP_MAKE_SYMLINK)
|
||||||
@@ -1593,7 +1593,7 @@ read_priv_sec_op (int read_socket,
|
|||||||
if (rec_len == 0)
|
if (rec_len == 0)
|
||||||
exit (1); /* Privileged helper died and printed error, so exit silently */
|
exit (1); /* Privileged helper died and printed error, so exit silently */
|
||||||
|
|
||||||
if (rec_len < sizeof (PrivSepOp))
|
if ((size_t)rec_len < sizeof (PrivSepOp))
|
||||||
die ("Invalid size %zd from unprivileged helper", rec_len);
|
die ("Invalid size %zd from unprivileged helper", rec_len);
|
||||||
|
|
||||||
/* Guarantee zero termination of any strings */
|
/* Guarantee zero termination of any strings */
|
||||||
@@ -1647,7 +1647,7 @@ parse_args_recurse (int *argcp,
|
|||||||
* I picked 9000 because the Internet told me to and it was hard to
|
* I picked 9000 because the Internet told me to and it was hard to
|
||||||
* resist.
|
* resist.
|
||||||
*/
|
*/
|
||||||
static const uint32_t MAX_ARGS = 9000;
|
static const int32_t MAX_ARGS = 9000;
|
||||||
|
|
||||||
if (*total_parsed_argc_p > MAX_ARGS)
|
if (*total_parsed_argc_p > MAX_ARGS)
|
||||||
die ("Exceeded maximum number of arguments %u", MAX_ARGS);
|
die ("Exceeded maximum number of arguments %u", MAX_ARGS);
|
||||||
@@ -2300,7 +2300,7 @@ parse_args_recurse (int *argcp,
|
|||||||
if (argc < 2)
|
if (argc < 2)
|
||||||
die ("--uid takes an argument");
|
die ("--uid takes an argument");
|
||||||
|
|
||||||
if (opt_sandbox_uid != -1)
|
if (opt_sandbox_uid != (uid_t)-1)
|
||||||
warn_only_last_option ("--uid");
|
warn_only_last_option ("--uid");
|
||||||
|
|
||||||
the_uid = strtol (argv[1], &endptr, 10);
|
the_uid = strtol (argv[1], &endptr, 10);
|
||||||
@@ -2320,7 +2320,7 @@ parse_args_recurse (int *argcp,
|
|||||||
if (argc < 2)
|
if (argc < 2)
|
||||||
die ("--gid takes an argument");
|
die ("--gid takes an argument");
|
||||||
|
|
||||||
if (opt_sandbox_gid != -1)
|
if (opt_sandbox_gid != (gid_t)-1)
|
||||||
warn_only_last_option ("--gid");
|
warn_only_last_option ("--gid");
|
||||||
|
|
||||||
the_gid = strtol (argv[1], &endptr, 10);
|
the_gid = strtol (argv[1], &endptr, 10);
|
||||||
@@ -2768,9 +2768,9 @@ main (int argc,
|
|||||||
|
|
||||||
__debug__ (("Creating root mount point\n"));
|
__debug__ (("Creating root mount point\n"));
|
||||||
|
|
||||||
if (opt_sandbox_uid == -1)
|
if (opt_sandbox_uid == (uid_t)-1)
|
||||||
opt_sandbox_uid = real_uid;
|
opt_sandbox_uid = real_uid;
|
||||||
if (opt_sandbox_gid == -1)
|
if (opt_sandbox_gid == (gid_t)-1)
|
||||||
opt_sandbox_gid = real_gid;
|
opt_sandbox_gid = real_gid;
|
||||||
|
|
||||||
if (!opt_unshare_user && opt_userns_fd == -1 && opt_sandbox_uid != real_uid)
|
if (!opt_unshare_user && opt_userns_fd == -1 && opt_sandbox_uid != real_uid)
|
||||||
|
@@ -37,11 +37,6 @@ add_project_arguments(
|
|||||||
'-Werror=switch-default',
|
'-Werror=switch-default',
|
||||||
'-Wswitch-enum',
|
'-Wswitch-enum',
|
||||||
|
|
||||||
# Meson warning_level=2 would do this, but we are not fully
|
|
||||||
# signedness-safe yet
|
|
||||||
'-Wno-sign-compare',
|
|
||||||
'-Wno-error=sign-compare',
|
|
||||||
|
|
||||||
# Deliberately not warning about these, ability to zero-initialize
|
# Deliberately not warning about these, ability to zero-initialize
|
||||||
# a struct is a feature
|
# a struct is a feature
|
||||||
'-Wno-missing-field-initializers',
|
'-Wno-missing-field-initializers',
|
||||||
|
@@ -62,8 +62,8 @@ rtnl_send_request (int rtnl_fd,
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
rtnl_read_reply (int rtnl_fd,
|
rtnl_read_reply (int rtnl_fd,
|
||||||
int seq_nr)
|
unsigned int seq_nr)
|
||||||
{
|
{
|
||||||
char buffer[1024];
|
char buffer[1024];
|
||||||
ssize_t received;
|
ssize_t received;
|
||||||
@@ -80,7 +80,7 @@ rtnl_read_reply (int rtnl_fd,
|
|||||||
{
|
{
|
||||||
if (rheader->nlmsg_seq != seq_nr)
|
if (rheader->nlmsg_seq != seq_nr)
|
||||||
return -1;
|
return -1;
|
||||||
if (rheader->nlmsg_pid != getpid ())
|
if ((pid_t)rheader->nlmsg_pid != getpid ())
|
||||||
return -1;
|
return -1;
|
||||||
if (rheader->nlmsg_type == NLMSG_ERROR)
|
if (rheader->nlmsg_type == NLMSG_ERROR)
|
||||||
{
|
{
|
||||||
|
Reference in New Issue
Block a user