This is part of the general guideline that signed integer types
are safer.
* src/names.c (stripped_prefix_len): Return ptrdiff_t,
not size_t. All callers changed.
struct name const *name_from_list (void);
void blank_name_list (void);
char *make_file_name (const char *dir_name, const char *name);
-size_t stripped_prefix_len (char const *file_name, size_t num);
+ptrdiff_t stripped_prefix_len (char const *file_name, size_t num);
bool all_names_found (struct tar_stat_info *st);
void add_avoided_name (char const *name);
if (strip_name_components)
{
- size_t prefix_len = stripped_prefix_len (file_name,
- strip_name_components);
- if (prefix_len == (size_t) -1)
+ ptrdiff_t prefix_len = stripped_prefix_len (file_name,
+ strip_name_components);
+ if (prefix_len < 0)
prefix_len = strlen (file_name);
file_name += prefix_len;
}
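Review bot: The fallback under `if (prefix_len < 0)` has no comment saying what it means for the entry. When the name has fewer components than `strip_name_components`, `prefix_len` becomes `strlen (file_name)` and `file_name` is advanced to its terminating NUL, so the name becomes empty. A one-line comment above the assignment, such as `/* Too few components: strip the whole name, leaving it empty.  */`, would make that explicit. How the empty name is handled afterwards is outside this hunk, as are the start and end of the enclosing function. The assignment also now converts the `size_t` result of `strlen` to `ptrdiff_t` implicitly, which is harmless for real strings but may be reported by `-Wsign-conversion`.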
/* Return the size of the prefix of FILE_NAME that is removed after
stripping NUM leading file name components. NUM must be
- positive. */
+ positive. Return a negative number if FILE_NAME does not have
+ enough components. */
-size_t
+ptrdiff_t
stripped_prefix_len (char const *file_name, size_t num)
{
char const *p = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);