diff options
| author | Jeff King <peff@peff.net> | 2023-04-15 00:25:20 +0300 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2023-04-15 01:08:13 +0300 |
| commit | 7ce4c8f752bc0da682acbda6457d6543ad5d0069 (patch) | |
| tree | 545d1046f411277a392118d3520c8385970a0765 /fetch-pack.c | |
| parent | c4716236f218cd1278bde43ed2e6773f1d2e667a (diff) | |
v0 protocol: use size_t for capability length/offset
When parsing server capabilities, we use "int" to store lengths and
offsets. At first glance this seems like a spot where our parser may be
confused by integer overflow if somebody sent us a malicious response.
In practice these strings are all bounded by the 64k limit of a
pkt-line, so using "int" is OK. However, it makes the code simpler to
audit if they just use size_t everywhere. Note that because we take
these parameters as pointers, this also forces many callers to update
their declared types.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'fetch-pack.c')
| -rw-r--r-- | fetch-pack.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fetch-pack.c b/fetch-pack.c index 368f2ed25a..97a44ed582 100644 --- a/fetch-pack.c +++ b/fetch-pack.c @@ -1099,7 +1099,7 @@ static struct ref *do_fetch_pack(struct fetch_pack_args *args, struct ref *ref = copy_ref_list(orig_ref); struct object_id oid; const char *agent_feature; - int agent_len; + size_t agent_len; struct fetch_negotiator negotiator_alloc; struct fetch_negotiator *negotiator; @@ -1117,7 +1117,7 @@ static struct ref *do_fetch_pack(struct fetch_pack_args *args, agent_supported = 1; if (agent_len) print_verbose(args, _("Server version is %.*s"), - agent_len, agent_feature); + (int)agent_len, agent_feature); } if (!server_supports("session-id")) |