Revert "linux: turn on -Wextra"

Compiled locally and on trybots but failed on builder?!

This reverts commit r42688.

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42689 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 8 insertions, 6 deletions

diff --git a/sandbox/linux/seccomp/library.cc b/sandbox/linux/seccomp/library.cc
index 768b00a..1b06bc1 100644
--- a/sandbox/linux/seccomp/library.cc
+++ b/sandbox/linux/seccomp/library.cc
@@ -318,7 +318,7 @@ const Elf_Shdr* Library::getSection(const string& section) {
   return &iter->second.second;
 }
 
-int Library::getSectionIndex(const string& section) {
+const int Library::getSectionIndex(const string& section) {
   if (!valid_) {
     return -1;
   }
diff --git a/sandbox/linux/seccomp/library.h b/sandbox/linux/seccomp/library.h
index e27bfde..96ec581 100644
--- a/sandbox/linux/seccomp/library.h
+++ b/sandbox/linux/seccomp/library.h
@@ -126,7 +126,7 @@ class Library {
   bool parseElf();
   const Elf_Ehdr* getEhdr();
   const Elf_Shdr* getSection(const string& section);
-  int getSectionIndex(const string& section);
+  const int getSectionIndex(const string& section);
   void makeWritable(bool state) const;
   void patchSystemCalls();
   bool isVDSO() const { return isVDSO_; }
diff --git a/sandbox/linux/seccomp/sandbox_impl.h b/sandbox/linux/seccomp/sandbox_impl.h
index 18a359c..0a98283 100644
--- a/sandbox/linux/seccomp/sandbox_impl.h
+++ b/sandbox/linux/seccomp/sandbox_impl.h
@@ -268,7 +268,7 @@ class Sandbox {
   // Wrapper around "read()" that can deal with partial and interrupted reads
   // and that does not modify the global errno variable.
   static ssize_t read(SysCalls& sys, int fd, void* buf, size_t len) {
-    if (static_cast<ssize_t>(len) < 0) {
+    if (len < 0) {
       sys.my_errno = EINVAL;
       return -1;
     }
diff --git a/sandbox/linux/seccomp/socketcall.cc b/sandbox/linux/seccomp/socketcall.cc
index 497e5e2..43116bb 100644
--- a/sandbox/linux/seccomp/socketcall.cc
+++ b/sandbox/linux/seccomp/socketcall.cc
@@ -288,7 +288,8 @@ bool Sandbox::process_sendmsg(int parentMapsFd, int sandboxFd, int threadFdPub,
     die("Failed to read parameters for sendmsg() [process]");
   }
 
-  if (data.msg.msg_namelen > 4096 || data.msg.msg_controllen > 4096) {
+  if (data.msg.msg_namelen    < 0 || data.msg.msg_namelen    > 4096 ||
+      data.msg.msg_controllen < 0 || data.msg.msg_controllen > 4096) {
     die("Unexpected size for socketcall() payload [process]");
   }
   char extra[data.msg.msg_namelen + data.msg.msg_controllen];
@@ -766,7 +767,7 @@ bool Sandbox::process_socketcall(int parentMapsFd, int sandboxFd,
   // Verify that the length for the payload is reasonable. We don't want to
   // blow up our stack, and excessive (or negative) buffer sizes are almost
   // certainly a bug.
-  if (numExtraData > 4096) {
+  if (numExtraData < 0 || numExtraData > 4096) {
     die("Unexpected size for socketcall() payload [process]");
   }
 
@@ -782,7 +783,8 @@ bool Sandbox::process_socketcall(int parentMapsFd, int sandboxFd,
   ssize_t numSendmsgExtra = 0;
   if (socketcall_req.call == SYS_SENDMSG) {
     struct msghdr* msg = reinterpret_cast<struct msghdr*>(extra);
-    if (msg->msg_namelen > 4096 || msg->msg_controllen > 4096) {
+    if (msg->msg_namelen    < 0 || msg->msg_namelen    > 4096 ||
+        msg->msg_controllen < 0 || msg->msg_controllen > 4096) {
       die("Unexpected size for socketcall() payload [process]");
     }
     numSendmsgExtra = msg->msg_namelen + msg->msg_controllen;