argv-array: use size_t for count and alloc

On most 64-bit platforms, "int" is significantly smaller than a size_t,
which could lead to integer overflow and under-allocation of the array.
It's probably impossible to trigger in practice, as it would imply on
the order of 2^32 individual allocations. Even if it was possible to grow
an array in that way (and we typically only use it for sets of strings,
like command line options), each allocation needs a pointer, malloc
overhead, etc. You'd quite likely run out of RAM before succeeding in
such an overflow.

But all that hand-waving aside, it's easy enough to use the correct
type, so let's do so.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Jeff King 2020-07-28 16:21:52 -04:00 committed by Junio C Hamano
parent 47ae905ffb
commit 819f0e76b1


@ -29,8 +29,8 @@ extern const char *empty_argv[];
*/ */
struct argv_array { struct argv_array {
const char **argv; const char **argv;
int argc; size_t argc;
int alloc; size_t alloc;
}; };
#define ARGV_ARRAY_INIT { empty_argv, 0, 0 } #define ARGV_ARRAY_INIT { empty_argv, 0, 0 }
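
Review bot: the switch from `int` to `size_t` at `argc` and `alloc` makes both fields unsigned, and this hunk shows only the struct definition, so the users of these fields are worth auditing as part of the same change. Any code that copies `argc` into an `int`, compares it against a signed value, or computes `argc - 1` on an empty array would now truncate or wrap around instead of going negative. A short comment above the struct noting that the count is unsigned would help future callers avoid countdown loops of the `i >= 0` form.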