Revert "fanotify: remove unneeded sub-zero check for unsigned value"

This reverts commit e6595224. These kinds of patches are only making the code worse. Compilers don't care about the unnecessary check, but removing it makes the code less obvious to a human. The declaration of 'len' is more than 80 lines earlier, so a human won't easily see that 'len' is of an unsigned type, so to a human the range check that checks against zero is much more explicit and obvious. Any tool that complains about a range check like this just because the variable is unsigned is actively detrimental, and should be ignored. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Revert "fanotify: remove unneeded sub-zero check for unsigned value"
This reverts commit e6595224. These kinds of patches are only making the code worse. Compilers don't care about the unnecessary check, but removing it makes the code less obvious to a human. The declaration of 'len' is more than 80 lines earlier, so a human won't easily see that 'len' is of an unsigned type, so to a human the range check that checks against zero is much more explicit and obvious. Any tool that complains about a range check like this just because the variable is unsigned is actively detrimental, and should be ignored. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
d0e71e23 · Linus Torvalds · 5af9d1cf · d0e71e23
Commit d0e71e23 authored May 20, 2024 by Linus Torvalds
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

fs/notify/fanotify/fanotify_user.c fs/notify/fanotify/fanotify_user.c +1 -1

No files found.
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -502,7 +502,7 @@ static int copy_fid_info_to_user(__kernel_fsid_t *fsid, struct fanotify_fh *fh,
 	}

 	/* Pad with 0's */
-	WARN_ON_ONCE(len >= FANOTIFY_EVENT_ALIGN);
+	WARN_ON_ONCE(len < 0 || len >= FANOTIFY_EVENT_ALIGN);
 	if (len > 0 && clear_user(buf, len))
 		return -EFAULT;