On 9/21/22 16:11, Sam James wrote:
> For these, could you consider including the full version?

Sure, revised patch attached.
From 83808d17d9fd28166ca174d522441edea3257804 Mon Sep 17 00:00:00 2001
From: Paul Eggert <egg...@cs.ucla.edu>
Date: Tue, 20 Sep 2022 14:00:34 -0700
Subject: [PATCH] Pacify GCC -Wsign-compare

* src/arscan.c (ar_scan): Pacify 12.2.1 20220819 (Red Hat 12.2.1-2)
-Wsign-compare by copying an unsigned value into a signed variable
before comparing it.  Make sure it is in range before copying.
---
 src/arscan.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/arscan.c b/src/arscan.c
index 83377910..f22d21aa 100644
--- a/src/arscan.c
+++ b/src/arscan.c
@@ -714,11 +714,13 @@ ar_scan (const char *archive, ar_member_func_t function, const void *arg)
                    && name[2] == '/')
             {
               const char* err;
-              unsigned int name_len = make_toui (name + 3, &err);
+              unsigned int ui = make_toui (name + 3, &err);
+              int name_len;
 
-              if (err || name_len == 0 || name_len > PATH_MAX)
+              if (err || ui == 0 || ui >= MIN (PATH_MAX, INT_MAX))
                 goto invalid;
 
+              name_len = ui;
               name = alloca (name_len + 1);
               nread = readbuf (desc, name, name_len);
               if (nread != name_len)
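Review bot: The new test `ui >= MIN (PATH_MAX, INT_MAX)` also rejects a name of exactly PATH_MAX bytes, which the old `name_len > PATH_MAX` test accepted. The commit message mentions only the range check before the signed copy, so this tightening should be noted there or in a short comment above the test. Presumably the `>=` is there so that `name_len + 1` in the alloca call cannot overflow int when INT_MAX is the smaller bound. The hunk also does not show where MIN and INT_MAX come from, so it is worth confirming that arscan.c already has <limits.h> and a MIN definition in scope.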
-- 
2.37.3
