msgbuf: Drop unnecessary buffer size arithmetic in array helpers
If we're going to multiply we need to guard against the result
overflowing. However, we don't need to multiply to derive `len` as the
sizeof() expression always evaluates to 1 by definition, yielding
`count`.
Drop the derivation of `len` to clarify that overflow can't occur.
Change-Id: I47b8804663518cdbcc70efa2bce14e4edf6702a2
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
diff --git a/src/msgbuf.h b/src/msgbuf.h
index c9527e1..b32daf0 100644
--- a/src/msgbuf.h
+++ b/src/msgbuf.h
@@ -343,8 +343,6 @@
static inline int pldm_msgbuf_extract_array_uint8(struct pldm_msgbuf *ctx,
uint8_t *dst, size_t count)
{
- size_t len;
-
if (!ctx || !ctx->cursor || !dst) {
return PLDM_ERROR_INVALID_DATA;
}
@@ -353,19 +351,18 @@
return PLDM_SUCCESS;
}
- len = sizeof(*dst) * count;
- if (len > SSIZE_MAX) {
+ if (count >= SSIZE_MAX) {
return PLDM_ERROR_INVALID_LENGTH;
}
- ctx->remaining -= (ssize_t)len;
+ ctx->remaining -= (ssize_t)count;
assert(ctx->remaining >= 0);
if (ctx->remaining < 0) {
return PLDM_ERROR_INVALID_LENGTH;
}
- memcpy(dst, ctx->cursor, len);
- ctx->cursor += len;
+ memcpy(dst, ctx->cursor, count);
+ ctx->cursor += count;
return PLDM_SUCCESS;
}
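Review bot: The subtraction `ctx->remaining -= (ssize_t)count;` can still overflow a signed integer, because the new `count >= SSIZE_MAX` guard bounds only `count` and not the value it is subtracted from. The failure path returns with `ctx->remaining` left negative, so if a caller reuses the context after PLDM_ERROR_INVALID_LENGTH (with assertions compiled out), a later call with a large `count` can push the result below the type's minimum, which is undefined behaviour ahead of the `< 0` check that protects the `memcpy`. Assuming `remaining` is an `ssize_t`, as the cast suggests, a guard placed after the `count` check and before the subtraction closes this, e.g. `if (ctx->remaining < (ssize_t)count - SSIZE_MAX) { return PLDM_ERROR_INVALID_LENGTH; }`; the same applies to the insert helper in the hunk at -518. The bound also tightened from `>` to `>=`, which the commit message does not mention, so a one-line comment such as `/* count == SSIZE_MAX is rejected too */` would help. The function body starts outside this hunk.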
@@ -509,7 +506,6 @@
const uint8_t *src,
size_t count)
{
- size_t len;
if (!ctx || !ctx->cursor || !src) {
return PLDM_ERROR_INVALID_DATA;
}
@@ -518,19 +514,18 @@
return PLDM_SUCCESS;
}
- len = sizeof(*src) * count;
- if (len > SSIZE_MAX) {
+ if (count >= SSIZE_MAX) {
return PLDM_ERROR_INVALID_LENGTH;
}
- ctx->remaining -= (ssize_t)len;
+ ctx->remaining -= (ssize_t)count;
assert(ctx->remaining >= 0);
if (ctx->remaining < 0) {
return PLDM_ERROR_INVALID_LENGTH;
}
- memcpy(ctx->cursor, src, len);
- ctx->cursor += len;
+ memcpy(ctx->cursor, src, count);
+ ctx->cursor += count;
return PLDM_SUCCESS;
}