From df4125ec677be3805758204a754a5b0f6b49dadd Mon Sep 17 00:00:00 2001
From: Alejandro Colomar <alx@kernel.org>
Date: Sun, 9 Feb 2025 12:23:46 +0100
Subject: [PATCH] lib/fs/readlink/: readlinknul(): Use ssize_t to simplify

Consistently using a signed type allows us to avoid sign-mismatch
diagnostics, while keeping the code simple.  It feels weird to
accept a ssize_t instead of a size_t, but it's a matter of getting
used to it.

Another way to achieve this with a single 'len' variable and no casts
would be to compare against SIZE_MAX, but that's less readable than -1.
Or one could write a SIZE_C() macro a la UINT64_C(), and compare the
size_t against SIZE_C(-1), but that's still suboptimal (regarding
readability) compared to consistently using signed size types.

Fixes: b9d00b64a19f (2024-12-09; "lib/fs/readlink/readlinknul.h: readlinknul(): Silence warning")
Acked-by: Serge Hallyn <serge@hallyn.com>
Cc: Martin Uecker <uecker@tugraz.at>
Cc: "Robert C. Seacord" <rcseacord@gmail.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---
 lib/fs/readlink/readlinknul.c |  5 ++---
 lib/fs/readlink/readlinknul.h | 21 +++++++++------------
 2 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/lib/fs/readlink/readlinknul.c b/lib/fs/readlink/readlinknul.c
index b0fc2a786..bb79dcaaf 100644
--- a/lib/fs/readlink/readlinknul.c
+++ b/lib/fs/readlink/readlinknul.c
@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2024, Alejandro Colomar <alx@kernel.org>
+// SPDX-FileCopyrightText: 2024-2025, Alejandro Colomar <alx@kernel.org>
 // SPDX-License-Identifier: BSD-3-Clause
 
 
@@ -6,9 +6,8 @@
 
 #include "fs/readlink/readlinknul.h"
 
-#include <stddef.h>
 #include <sys/types.h>
 
 
 extern inline ssize_t readlinknul(const char *restrict link, char *restrict buf,
-    size_t size);
+    ssize_t size);
diff --git a/lib/fs/readlink/readlinknul.h b/lib/fs/readlink/readlinknul.h
index 606c2e112..ed2f34d13 100644
--- a/lib/fs/readlink/readlinknul.h
+++ b/lib/fs/readlink/readlinknul.h
@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2024, Alejandro Colomar <alx@kernel.org>
+// SPDX-FileCopyrightText: 2024-2025, Alejandro Colomar <alx@kernel.org>
 // SPDX-License-Identifier: BSD-3-Clause
 
 
@@ -9,7 +9,6 @@
 #include <config.h>
 
 #include <errno.h>
-#include <stddef.h>
 #include <string.h>
 #include <sys/types.h>
 #include <unistd.h>
@@ -23,30 +22,28 @@
 
 ATTR_STRING(1)
 inline ssize_t readlinknul(const char *restrict link, char *restrict buf,
-    size_t size);
+    ssize_t size);
 
 
 // Similar to readlink(2), but terminate the string.
 inline ssize_t
-readlinknul(const char *restrict link, char *restrict buf, size_t size)
+readlinknul(const char *restrict link, char *restrict buf, ssize_t size)
 {
-	size_t   ulen;
-	ssize_t  slen;
+	ssize_t  len;
 
-	slen = readlink(link, buf, size);
-	if (slen == -1)
+	len = readlink(link, buf, size);
+	if (len == -1)
 		return -1;
 
-	ulen = slen;
-	if (ulen == size) {
+	if (len == size) {
 		stpcpy(&buf[size-1], "");
 		errno = E2BIG;
 		return -1;
 	}
 
-	stpcpy(&buf[ulen], "");
+	stpcpy(&buf[len], "");
 
-	return slen;
+	return len;
 }
 
 
-- 
2.47.2