On Thu, May 26, 2011 at 04:34:20PM +0200, Jim Meyering wrote: > Argh. I went in with blinders on, thinking that the caller was > right in using a type of size_t, and then read this "xread" name and > assumed that it would exit upon failure. I've made the same mistake, as many of our x* functions are designed to die on error. > Subject: [PATCH] use the correct type (ssize_t, not size_t) for read-style function > > * sha1_file.c (index_stream): Using an unsigned type, > we would fail to detect a read error and then proceed to > try to write (size_t)-1 bytes. This version looks right to me. There's another one, too: -- >8 -- Subject: [PATCH] read_gitfile_gently: use ssize_t to hold read result Otherwise, a negative error return becomes a very large read value. We catch this in practice because we compare the expected and actual numbers of bytes (and you are not likely to be reading (size_t)-1 bytes), but this makes the correctness a little more obvious. Signed-off-by: Jeff King <peff@xxxxxxxx> --- setup.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/setup.c b/setup.c index 013ad11..ce87900 100644 --- a/setup.c +++ b/setup.c @@ -382,7 +382,7 @@ const char *read_gitfile_gently(const char *path) const char *slash; struct stat st; int fd; - size_t len; + ssize_t len; if (stat(path, &st)) return NULL; -- 1.7.4.5.13.gd3ff5 -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html