v0 protocol: use size_t for capability length/offset When parsing server capabilities, we use "int" to store lengths and offsets. At first glance this seems like a spot where our parser may be confused by integer overflow if somebody sent us a malicious response. In practice these strings are all bounded by the 64k limit of a pkt-line, so using "int" is OK. However, it makes the code simpler to audit if they just use size_t everywhere. Note that because we take these parameters as pointers, this also forces many callers to update their declared types. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit: 7ce4c8f752bc0da682acbda6457d6543ad5d0069 [log] [tgz]
author: Jeff King <peff@peff.net> Fri Apr 14 17:25:20 2023 -0400
committer: Junio C Hamano <gitster@pobox.com> Fri Apr 14 15:08:13 2023 -0700
tree: 545d1046f411277a392118d3520c8385970a0765
parent: c4716236f218cd1278bde43ed2e6773f1d2e667a [diff] [blame]
diff --git a/upload-pack.c b/upload-pack.c
index e23f16d..565e460 100644
--- a/upload-pack.c
+++ b/upload-pack.c

@@ -1067,7 +1067,7 @@ static void receive_needs(struct upload_pack_data *data,
 		const char *features;
 		struct object_id oid_buf;
 		const char *arg;
-		int feature_len;
+		size_t feature_len;
 
 		reset_timeout(data->timeout);
 		if (packet_reader_read(reader) != PACKET_READ_NORMAL)
commit	7ce4c8f752bc0da682acbda6457d6543ad5d0069	[log] [tgz]
author	Jeff King <peff@peff.net>	Fri Apr 14 17:25:20 2023 -0400
committer	Junio C Hamano <gitster@pobox.com>	Fri Apr 14 15:08:13 2023 -0700
tree	545d1046f411277a392118d3520c8385970a0765
parent	c4716236f218cd1278bde43ed2e6773f1d2e667a [diff] [blame]