From: Junio C Hamano <gitster@pobox.com>
To: Karthik Nayak <karthik.188@gmail.com>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>
Subject: Re: [PATCH 1/5] ref-cache: use 'size_t' instead of int for length
Date: Thu, 24 Jul 2025 10:17:56 -0700 [thread overview]
Message-ID: <xmqq7bzxik3f.fsf@gitster.g> (raw)
In-Reply-To: <20250724-kn-small-cleanups-v1-1-0c70f591de3e@gmail.com> (Karthik Nayak's message of "Thu, 24 Jul 2025 10:14:42 +0200")
Karthik Nayak <karthik.188@gmail.com> writes:
> The commit 090eb5336c (refs: selectively set prefix in the seek
> functions, 2025-07-15) modified the ref-cache iterator to support
> seeking to a specified marker without setting the prefix.
>
> The commit adds and uses an integer 'len' to capture the length of the
> seek marker to compare with the entries of a given directory. Since the
> type of the variable is 'int', this is met with a typecast of converting
> a `strlen` to 'int' so it can be assigned to the 'len' variable.
>
> This is whole operation is a bit wrong:
> 1. Since the 'len' variable is eventually used in a 'strncmp', it should
> have been of type 'size_t'.
> 2. This also truncates the value provided from 'strlen' to an int, which
> could cause a large refname to produce a negative number.
>
> Let's do the correct thing here and simply use 'size_t' for `len`.
>
> Signed-off-by: Karthik Nayak <karthik.188@gmail.com>
> ---
> refs/ref-cache.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/refs/ref-cache.c b/refs/ref-cache.c
> index 1d95b56d40..8df7ae43e5 100644
> --- a/refs/ref-cache.c
> +++ b/refs/ref-cache.c
> @@ -498,13 +498,14 @@ static int cache_ref_iterator_seek(struct ref_iterator *ref_iterator,
> * indexing to each level as needed.
> */
> do {
> - int len, idx;
> + int idx;
> + size_t len;
> int cmp = 0;
>
> sort_ref_dir(dir);
>
> slash = strchr(slash, '/');
> - len = slash ? slash - refname : (int)strlen(refname);
> + len = slash ? (size_t)(slash - refname) : strlen(refname);
The "strlen()" side is good, but was there recently a discussion on
how to safely convert (slash - refname) that is ptrdiff_t to size_t?
My archive search found a rather old ptrdiff_to_size() proposal
https://lore.kernel.org/git/20241227213729.GA796141@coredump.intra.peff.net/
but I thought there were another discussion thread about casting to size_t
recently.
I _think_ a vanilla cast is safe here, as slash sits always right to
refname (if not NULL, that is), and the difference should fit within
size_t (because the difference is smaller than the size of the
memory block pointed at by slash).
So in short, this looks good. Will queue.
next prev parent reply other threads:[~2025-07-24 17:17 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-24 8:14 [PATCH 0/5] ref-filter: small cleanups and fixes Karthik Nayak
2025-07-24 8:14 ` [PATCH 1/5] ref-cache: use 'size_t' instead of int for length Karthik Nayak
2025-07-24 17:17 ` Junio C Hamano [this message]
2025-07-24 8:14 ` [PATCH 2/5] for-each-ref: fix documentation argument ordering Karthik Nayak
2025-07-24 17:27 ` Junio C Hamano
2025-07-24 22:14 ` Karthik Nayak
2025-07-24 22:32 ` Junio C Hamano
2025-07-28 20:19 ` Karthik Nayak
2025-07-25 10:55 ` Patrick Steinhardt
2025-07-28 20:18 ` Karthik Nayak
2025-07-24 8:14 ` [PATCH 3/5] for-each-ref: reword the documentation for '--start-after' Karthik Nayak
2025-07-25 10:55 ` Patrick Steinhardt
2025-07-24 8:14 ` [PATCH 4/5] t6302: add test combining '--start-after' with '--exclude' Karthik Nayak
2025-07-24 8:14 ` [PATCH 5/5] ref-filter: use REF_ITERATOR_SEEK_SET_PREFIX instead of '1' Karthik Nayak
2025-07-24 17:41 ` [PATCH 0/5] ref-filter: small cleanups and fixes Junio C Hamano
2025-07-28 20:20 ` [PATCH v2 " Karthik Nayak
2025-07-28 20:20 ` [PATCH v2 1/5] ref-cache: use 'size_t' instead of int for length Karthik Nayak
2025-07-28 20:20 ` [PATCH v2 2/5] for-each-ref: fix documentation argument ordering Karthik Nayak
2025-07-28 20:20 ` [PATCH v2 3/5] for-each-ref: reword the documentation for '--start-after' Karthik Nayak
2025-07-28 20:20 ` [PATCH v2 4/5] t6302: add test combining '--start-after' with '--exclude' Karthik Nayak
2025-07-28 20:20 ` [PATCH v2 5/5] ref-filter: use REF_ITERATOR_SEEK_SET_PREFIX instead of '1' Karthik Nayak
2025-07-29 8:04 ` [PATCH v2 0/5] ref-filter: small cleanups and fixes Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq7bzxik3f.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=karthik.188@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).