worktree: use xsize_t to access file size

To read the "gitdir" file into memory, we stat the file and allocate a buffer. But we store the size in an "int", which may be truncated. We should use a size_t and xsize_t(), which will detect truncation. An overflow is unlikely for a "gitdir" file, but it's a good practice to model. Signed-off-by: Jeff King <peff@peff.net> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Jeff King <peff@peff.net> 2017-09-27 02:02:21 -0400
committer: Junio C Hamano <gitster@pobox.com> 2017-09-27 15:45:57 +0900
commit: 228740b67b55f4ee23637bd1472a73ae50efe93a (patch)
tree: 48a1855d58b4bccd90ee407c834447f349db26e6
parent: distinguish error versus short read from read_in_full() (diff)
download: tgif-228740b67b55f4ee23637bd1472a73ae50efe93a.tar.xz
1 files changed, 3 insertions, 2 deletions
diff --git a/builtin/worktree.c b/builtin/worktree.c
index de26849f55..2f4a4ef9cd 100644
--- a/builtin/worktree.c
+++ b/builtin/worktree.c
@@ -38,7 +38,8 @@ static int prune_worktree(const char *id, struct strbuf *reason)
 {
 	struct stat st;
 	char *path;
-	int fd, len;
+	int fd;
+	size_t len;
 
 	if (!is_directory(git_path("worktrees/%s", id))) {
 		strbuf_addf(reason, _("Removing worktrees/%s: not a valid directory"), id);
@@ -56,7 +57,7 @@ static int prune_worktree(const char *id, struct strbuf *reason)
 			    id, strerror(errno));
 		return 1;
 	}
-	len = st.st_size;
+	len = xsize_t(st.st_size);
 	path = xmallocz(len);
 	read_in_full(fd, path, len);
 	close(fd);
author	Jeff King <peff@peff.net>	2017-09-27 02:02:21 -0400
committer	Junio C Hamano <gitster@pobox.com>	2017-09-27 15:45:57 +0900
commit	228740b67b55f4ee23637bd1472a73ae50efe93a (patch)
tree	48a1855d58b4bccd90ee407c834447f349db26e6
parent	distinguish error versus short read from read_in_full() (diff)
download	tgif-228740b67b55f4ee23637bd1472a73ae50efe93a.tar.xz