argv-array: use size_t for count and alloc

On most 64-bit platforms, "int" is significantly smaller than a size_t,
which could lead to integer overflow and under-allocation of the array.
It's probably impossible to trigger in practice, as it would imply on
the order of 2^32 individual allocations. Even if was possible to grow
an array in that way (and we typically only use it for sets of strings,
like command line options), each allocation needs a pointer, malloc
overhead, etc. You'd quite likely run out of RAM before succeeding in
such an overflow.

But all that hand-waving aside, it's easy enough to use the correct
type, so let's do so.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/argv-array.h b/argv-array.h
index a7d3b107077aba26602e0ffe02eea1f2a8174cbb..4fc57b6902fd7e74a8c56e8a84cebd5526284781 100644 (file)
--- a/argv-array.h
+++ b/argv-array.h
@@ -29,8 +29,8 @@ extern const char *empty_argv[];
  */
 struct argv_array {
        const char **argv;
-       int argc;
-       int alloc;
+       size_t argc;
+       size_t alloc;
 };
 
 #define ARGV_ARRAY_INIT { empty_argv, 0, 0 }