xdr: fix two old FIXMEs related to signed/unsigned arithmetic

It's implementation-defined whether the C '>>' operator, when
applied to a signed integer, is sign-extending or zero-filling.
If you want unsigned arithmetic, you have to ask for it explicitly.
One assumes the reason for the shift is to avoid overflow if the
returned size/count is later converted to a signed int, in which
case maybe it would be better to use INT_MAX here.  This is the
minimal change necessary for correctness.

Change-Id: I6e848110963b5e1832a11d052d84884f10903e2e
Reviewed-on: http://gerrit.openafs.org/7800
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/rx/xdr.c b/src/rx/xdr.c
index 884627e4b4665f59376538b7e25232ad60f6693c..2639de3d09d9eef39ed19b26c3cdc3680dc4bbc9 100644 (file)
--- a/src/rx/xdr.c
+++ b/src/rx/xdr.c
@@ -509,9 +509,8 @@ xdr_string(XDR * xdrs, char **cpp, u_int maxsize)
     u_int size;
     u_int nodesize;
 
-    /* FIXME: this does not look correct: MSVC 6 computes -2 here */
-    if (maxsize > ((~0) >> 1) - 1)
-       maxsize = ((~0) >> 1) - 1;
+    if (maxsize > ((~0u) >> 1) - 1)
+       maxsize = ((~0u) >> 1) - 1;
 
     /*
      * first deal with the length since xdr strings are counted-strings

diff --git a/src/rx/xdr_array.c b/src/rx/xdr_array.c
index 14378ebb9ca787b9281cc99d6ceb1f82f7639014..b1c38661f80c5da2b571eed8fefb484a71fca0af 100644 (file)
--- a/src/rx/xdr_array.c
+++ b/src/rx/xdr_array.c
@@ -87,8 +87,7 @@ xdr_array(XDR * xdrs, caddr_t * addrp, u_int * sizep, u_int maxsize,
     bool_t stat = TRUE;
     u_int nodesize;
 
-    /* FIXME: this does not look correct: MSVC 6 computes -1 / elsize here */
-    i = ((~0) >> 1) / elsize;
+    i = ((~0u) >> 1) / elsize;
     if (maxsize > i)
        maxsize = i;