From 4d0ef9a6b92953eb06937c3f74001909bd071c86 Mon Sep 17 00:00:00 2001 From: Eliseo Martínez Date: Tue, 27 Jan 2015 17:02:57 +0100 Subject: coverity/13745: Argument cannot be negative: RI. Problem : Argument cannot be negative @ 1165. Diagnostic : Real issue. Rationale : len can be assigned a negative value @ 1162; len is passed as an unsigned argument @ 1165. Resolution : Refactor variable's types: - Use ftello instead of ftell to avoid using long. - Assert ftello result is safely convertible to size_t. - Introduce variable read_size to avoid using i (int). --- src/nvim/os_unix.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'src/nvim/os_unix.c') diff --git a/src/nvim/os_unix.c b/src/nvim/os_unix.c index 15185aca49..d674db951f 100644 --- a/src/nvim/os_unix.c +++ b/src/nvim/os_unix.c @@ -1159,16 +1159,30 @@ int mch_expand_wildcards(int num_pat, char_u **pat, int *num_file, free(tempname); goto notfound; } - fseek(fd, 0L, SEEK_END); - len = ftell(fd); /* get size of temp file */ + int fseek_res = fseek(fd, 0L, SEEK_END); + if (fseek_res < 0) { + free(tempname); + fclose(fd); + return FAIL; + } + long long templen = ftell(fd); /* get size of temp file */ + if (templen < 0) { + free(tempname); + fclose(fd); + return FAIL; + } +#if SIZEOF_LONG_LONG > SIZEOF_SIZE_T + assert(templen <= (long long)SIZE_MAX); +#endif + len = (size_t)templen; fseek(fd, 0L, SEEK_SET); buffer = xmalloc(len + 1); // fread() doesn't terminate buffer with NUL; // appropiate termination (not always NUL) is done below. - i = fread((char *)buffer, 1, len, fd); + size_t readlen = fread((char *)buffer, 1, len, fd); fclose(fd); os_remove((char *)tempname); - if (i != (int)len) { + if (readlen != len) { /* unexpected read error */ EMSG2(_(e_notread), tempname); free(tempname); -- cgit