xdr: fix two old FIXMEs related to signed/unsigned arithmetic

It's implementation-defined whether the C '>>' operator, when
applied to a signed integer, is sign-extending or zero-filling.
If you want unsigned arithmetic, you have to ask for it explicitly.
One assumes the reason for the shift is to avoid overflow if the
returned size/count is later converted to a signed int, in which
case maybe it would be better to use INT_MAX here.  This is the
minimal change necessary for correctness.

Change-Id: I6e848110963b5e1832a11d052d84884f10903e2e
Reviewed-on: http://gerrit.openafs.org/7800
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

diff --git a/src/rx/xdr.c b/src/rx/xdr.c
index 884627e..2639de3 100644 (file)
--- a/src/rx/xdr.c
+++ b/src/rx/xdr.c
@@ -509,9 +509,8 @@ xdr_string(XDR * xdrs, char **cpp, u_int maxsize)
     u_int size;
     u_int nodesize;
 
-    /* FIXME: this does not look correct: MSVC 6 computes -2 here */
-    if (maxsize > ((~0) >> 1) - 1)
-       maxsize = ((~0) >> 1) - 1;
+    if (maxsize > ((~0u) >> 1) - 1)
+       maxsize = ((~0u) >> 1) - 1;
 
     /*
      * first deal with the length since xdr strings are counted-strings

diff --git a/src/rx/xdr_array.c b/src/rx/xdr_array.c
index 14378eb..b1c3866 100644 (file)
--- a/src/rx/xdr_array.c
+++ b/src/rx/xdr_array.c
@@ -87,8 +87,7 @@ xdr_array(XDR * xdrs, caddr_t * addrp, u_int * sizep, u_int maxsize,
     bool_t stat = TRUE;
     u_int nodesize;
 
-    /* FIXME: this does not look correct: MSVC 6 computes -1 / elsize here */
-    i = ((~0) >> 1) / elsize;
+    i = ((~0u) >> 1) / elsize;
     if (maxsize > i)
        maxsize = i;