path: use size_t for dir_prefix length

The strlen() function returns a size_t. Storing this in a standard
signed int is a bad practice that invites overflow vulnerabilities if
paths get absurdly long.

Switch the variable to size_t. This is safe to do because 'len' is
strictly used as an argument to strncmp() (which expects size_t) and
as a positive array index, involving no signed arithmetic that could
rely on negative values.

Signed-off-by: K Jayatheerth <jayatheerthkulkarni2005@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/path.c b/path.c
index f613d8bbd15818d4396405cfaa68e177d8481794..56be5e17265313dd0ba2bf8d948bd4a71cae80db 100644 (file)
--- a/path.c
+++ b/path.c
@@ -58,7 +58,7 @@ static void strbuf_cleanup_path(struct strbuf *sb)
 
 static int dir_prefix(const char *buf, const char *dir)
 {
-       int len = strlen(dir);
+       size_t len = strlen(dir);
        return !strncmp(buf, dir, len) &&
                (is_dir_sep(buf[len]) || buf[len] == '\0');
 }