v0 protocol: use size_t for capability length/offset
When parsing server capabilities, we use "int" to store lengths and offsets. At first glance this seems like a spot where our parser may be confused by integer overflow if somebody sent us a malicious response. In practice these strings are all bounded by the 64k limit of a pkt-line, so using "int" is OK. However, it makes the code simpler to audit if they just use size_t everywhere. Note that because we take these parameters as pointers, this also forces many callers to update their declared types. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Jeff King
committed by
Junio C Hamano
Junio C Hamano
parent
c4716236f2
commit
7ce4c8f752
@ -538,7 +538,7 @@ int send_pack(struct send_pack_args *args,
|
||||
die(_("the receiving end does not support this repository's hash algorithm"));
|
||||
|
||||
if (args->push_cert != SEND_PACK_PUSH_CERT_NEVER) {
|
||||
int len;
|
||||
size_t len;
|
||||
push_cert_nonce = server_feature_value("push-cert", &len);
|
||||
if (push_cert_nonce) {
|
||||
reject_invalid_nonce(push_cert_nonce, len);
|
||||
|
||||
Reference in New Issue
Block a user