Discussion:
bpf uiomove() conversion
Martin Natano
2016-01-09 11:26:51 UTC
Below the uiomove() conversion for bpf. bd_hlen is a signed integer, but
can't be negative, because it contains the size of a buffer. Thus, the
conversion to size_t is ok.

Index: net/bpf.c
===================================================================
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.132
diff -u -p -u -r1.132 bpf.c
--- net/bpf.c 7 Jan 2016 05:31:17 -0000 1.132
+++ net/bpf.c 9 Jan 2016 11:03:33 -0000
@@ -212,7 +212,7 @@ bpf_movein(struct uio *uio, u_int linkty
m->m_len = len;
*mp = m;

- error = uiomovei(mtod(m, caddr_t), len, uio);
+ error = uiomove(mtod(m, caddr_t), len, uio);
if (error)
goto bad;

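Review bot: The `len` passed to uiomove() in bpf_movein() is not covered by the rationale in the message, which argues only about bd_hlen. The hunk does not show how `len` is declared or bounded, so please state in the commit message why it cannot be negative at this call (its type, or any bounds check ahead of `m->m_len = len;`), so that the conversion to size_t is justified for both call sites.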
@@ -488,7 +488,7 @@ bpfread(dev_t dev, struct uio *uio, int
* We know the entire buffer is transferred since
* we checked above that the read buffer is bpf_bufsize bytes.
*/
- error = uiomovei(d->bd_hbuf, d->bd_hlen, uio);
+ error = uiomove(d->bd_hbuf, d->bd_hlen, uio);

s = splnet();
d->bd_fbuf = d->bd_hbuf;
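Review bot: The implicit int to size_t conversion of d->bd_hlen at the uiomove() call in bpfread() relies on an invariant the code does not state; the comment above the call speaks only about the read buffer being bpf_bufsize bytes. Consider making it explicit, for example with `KASSERT(d->bd_hlen >= 0);` before the call or a sentence added to that comment, so that a later change which lets bd_hlen go negative fails loudly instead of turning into a huge size_t length.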

cheers,
natano
Stefan Kempf
2016-02-06 16:31:16 UTC
Post by Martin Natano
Below the uiomove() conversion for bpf. bd_hlen is a signed integer, but
can't be negative, because it contains the size of a buffer. Thus, the
conversion to size_t is ok.
Looks good. bd_hlen is assigned from bd_slen which is in turn computed
in bpf_catchpacket(). This function makes sure that bd_slen does not
exceed the size of a buffer.
Post by Martin Natano
Index: net/bpf.c
===================================================================
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.132
diff -u -p -u -r1.132 bpf.c
--- net/bpf.c 7 Jan 2016 05:31:17 -0000 1.132
+++ net/bpf.c 9 Jan 2016 11:03:33 -0000
@@ -212,7 +212,7 @@ bpf_movein(struct uio *uio, u_int linkty
m->m_len = len;
*mp = m;
- error = uiomovei(mtod(m, caddr_t), len, uio);
+ error = uiomove(mtod(m, caddr_t), len, uio);
if (error)
goto bad;
@@ -488,7 +488,7 @@ bpfread(dev_t dev, struct uio *uio, int
* We know the entire buffer is transferred since
* we checked above that the read buffer is bpf_bufsize bytes.
*/
- error = uiomovei(d->bd_hbuf, d->bd_hlen, uio);
+ error = uiomove(d->bd_hbuf, d->bd_hlen, uio);
s = splnet();
d->bd_fbuf = d->bd_hbuf;
cheers,
natano
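
The signed-to-size_t reasoning in the two posts above, as an added userland illustration that is not part of the thread or of OpenBSD's code. The helper names (`unchecked_len`, `len_to_size`, `model_copy`) and the sample data are hypothetical; the block shows what a negative `int` becomes after conversion and a check that enforces the "0 <= length <= buffer size" invariant before converting.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* What an int -> size_t conversion yields when nothing checks the sign. */
static size_t
unchecked_len(int n)
{
	return (size_t)n;	/* -1 becomes SIZE_MAX */
}

/*
 * Hypothetical helper: convert a signed length only if it satisfies the
 * invariant the thread relies on (0 <= n <= buffer size).
 * Returns 0 on success, -1 if the invariant does not hold.
 */
static int
len_to_size(int n, size_t bufsize, size_t *out)
{
	if (n < 0 || (size_t)n > bufsize)
		return -1;
	*out = (size_t)n;
	return 0;
}

/* Bounded copy standing in for the transfer; a constructed model only. */
static int
model_copy(void *dst, size_t dstsize, const void *src, int n, size_t srcsize)
{
	size_t len;

	if (len_to_size(n, srcsize, &len) != 0 || len > dstsize)
		return -1;
	memcpy(dst, src, len);
	return 0;
}

int
main(void)
{
	char src[32] = "constructed sample data", dst[32];

	printf("unchecked -1 -> %zu\n", unchecked_len(-1));
	printf("copy n=8:  %d\n", model_copy(dst, sizeof(dst), src, 8, sizeof(src)));
	printf("copy n=-1: %d\n", model_copy(dst, sizeof(dst), src, -1, sizeof(src)));
	return 0;
}
```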