diff mbox series

[01/11] argv-array: use size_t for count and alloc

Message ID 20200728202152.GA1021513@coredump.intra.peff.net (mailing list archive)
State New, archived
Series renaming argv_array

Commit Message

Jeff King July 28, 2020, 8:21 p.m. UTC
On most 64-bit platforms, "int" is significantly smaller than a size_t,
which could lead to integer overflow and under-allocation of the array.
It's probably impossible to trigger in practice, as it would imply on
the order of 2^32 individual allocations. Even if it was possible to grow
an array in that way (and we typically only use it for sets of strings,
like command line options), each allocation needs a pointer, malloc
overhead, etc. You'd quite likely run out of RAM before succeeding in
such an overflow.

But all that hand-waving aside, it's easy enough to use the correct
type, so let's do so.

Signed-off-by: Jeff King <peff@peff.net>
---
This one is obviously of value even without the renaming.

 argv-array.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Patch

diff --git a/argv-array.h b/argv-array.h
index a7d3b10707..4fc57b6902 100644
--- a/argv-array.h
+++ b/argv-array.h
@@ -29,8 +29,8 @@  extern const char *empty_argv[];
  */
 struct argv_array {
 	const char **argv;
-	int argc;
-	int alloc;
+	size_t argc;
+	size_t alloc;
 };
 
 #define ARGV_ARRAY_INIT { empty_argv, 0, 0 }
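
Review bot: In `struct argv_array`, `argc` and `alloc` change from signed to unsigned, but the diffstat shows only argv-array.h being touched, so no user of the struct is adjusted in this patch. Please confirm that nothing stores `argc` in an `int`, compares it against a signed value, or relies on it going negative (for example a countdown loop that tests `>= 0`), since such code would now truncate or fail to terminate. A build with -Wsign-compare would surface most of these, and a sentence in the commit message saying the callers were audited would make the change easier to accept on its own.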