On Mon, 31 Aug 2015 01:38:44 +0000 "Ouyang, Changchun" <changchun.ouyang at intel.com> wrote:
> Hi Stephen,
>
> > -----Original Message-----
> > From: Stephen Hemminger [mailto:stephen at networkplumber.org]
> > Sent: Saturday, August 29, 2015 12:24 AM
> > To: Xie, Huawei; Ouyang, Changchun
> > Cc: dev at dpdk.org; Stephen Hemminger
> > Subject: [PATCH 2/3] virtio: fix Coverity unsigned warnings
> >
> > There are some places in virtio driver where uint16_t or int are used where it
> > would be safer to use unsigned.
>
> Why will it be safer?

Integer to unsigned conversion risks bugs about sign extension and wrap around.
There is a whole class of security-related bug possibilities caused by just this
kind of thing.

In this case the code is hidden behind layers which make it unlikely to be
exploitable, but as a general policy it is best not to use signed types
unless absolutely necessary. That is why tools like Coverity are so picky
about this.
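
The two hazards named in the reply above, sign extension and wraparound, shown as an added C illustration; it is not part of the original message or of the DPDK patch, and `BUF_SIZE` and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BUF_SIZE 64u   /* hypothetical buffer size for the illustration */

/* Signed length: a negative value satisfies the upper-bound check. */
int check_len_signed(int len)
{
    return len <= (int)BUF_SIZE;          /* accepts -1 */
}

/* Unsigned length: the same bit pattern is a huge value and is rejected. */
int check_len_unsigned(unsigned int len)
{
    return len <= BUF_SIZE;
}

/* What a copy routine taking size_t receives when handed a signed length:
 * the value is sign-extended to the wider type, so -1 becomes SIZE_MAX. */
size_t as_copy_size(int len)
{
    return (size_t)len;
}

/* uint16_t operands are promoted to int before the subtraction, so the
 * result can be negative instead of wrapping modulo 2^16. */
int index_delta_promoted(uint16_t head, uint16_t tail)
{
    return head - tail;
}

/* Converting the result back to uint16_t restores modulo 2^16 arithmetic. */
uint16_t index_delta_wrapped(uint16_t head, uint16_t tail)
{
    return (uint16_t)(head - tail);
}

int main(void)
{
    printf("signed check accepts -1:   %d\n", check_len_signed(-1));
    printf("unsigned check accepts it: %d\n", check_len_unsigned((unsigned int)-1));
    printf("size seen by the copy:     %zu\n", as_copy_size(-1));
    printf("promoted delta: %d, wrapped delta: %u\n",
           index_delta_promoted(2, 65534), (unsigned)index_delta_wrapped(2, 65534));
    return 0;
}
```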