Wrong comparison in tcp add-on

[kaliber]

Here is clang diagnose:

src/add-ons/kernel/network/protocols/tcp/tcp.cpp:201:43: error: comparison of unsigned expression >= 0 is always true [-Wtautological-compare]
                                if (option->length == 4 && (size - 4) >= 0)
                                                           ~~~~~~~~~~ ^  ~
src/add-ons/kernel/network/protocols/tcp/tcp.cpp:205:43: error: comparison of unsigned expression >= 0 is always true [-Wtautological-compare]
                                if (option->length == 3 && (size - 3) >= 0) {
                                                           ~~~~~~~~~~ ^  ~
src/add-ons/kernel/network/protocols/tcp/tcp.cpp:211:45: error: comparison of unsigned expression >= 0 is always true [-Wtautological-compare]
                                if (option->length == 10 && (size - 10) >= 0) {
                                                            ~~~~~~~~~~~ ^  ~
src/add-ons/kernel/network/protocols/tcp/tcp.cpp:219:43: error: comparison of unsigned expression >= 0 is always true [-Wtautological-compare]
                                if (option->length == 2 && (size - 2) >= 0)
                                                           ~~~~~~~~~~ ^  ~

[kaliber]

proposed patch

[stippi]

I've looked into the problem and your patch is not a good solution. The length from the option is used regardless of those comparisions. If size happens not to be a multiple of the option length (which may be checked elsewhere in the code, I don't know), then the loop will overflow (wrap) the size variable. I will commit a different fix.

[stippi]

Should be fixed in hrev39309.

[axeld]

Actually, I think kaliber's patch was just fine. If you look at the caller of process_options(), the size cannot be smaller than 0.

His patch also makes the code more readable; I'm going to apply it later.

[axeld]

Patch applied, and stippi's issue fixed differently in hrev39311. Thanks everyone!