The code which parses untracked-cache extensions from disk keeps a "len" variable, which is the size of the string we are parsing. But since we now have an "end of string" variable, we can just use that to get the length when we need it. This eliminates the need to keep "len" up to date (and removes the possibility of any errors where "len" and "eos" get out of sync). As a bonus, it means we are not storing a string length in an "int", which is a potential source of overflows (though in this case it seems fairly unlikely for that to cause any memory problems). Signed-off-by: Jeff King <peff@xxxxxxxx> --- dir.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/dir.c b/dir.c index 17865f44df..60438b2cdc 100644 --- a/dir.c +++ b/dir.c @@ -2735,7 +2735,7 @@ static int read_one_dir(struct untracked_cache_dir **untracked_, const unsigned char *data = rd->data, *end = rd->end; const unsigned char *eos; unsigned int value; - int i, len; + int i; memset(&ud, 0, sizeof(ud)); @@ -2756,28 +2756,25 @@ static int read_one_dir(struct untracked_cache_dir **untracked_, eos = memchr(data, '\0', end - data); if (!eos || eos == end) return -1; - len = eos - data; - *untracked_ = untracked = xmalloc(st_add3(sizeof(*untracked), len, 1)); + *untracked_ = untracked = xmalloc(st_add3(sizeof(*untracked), eos - data, 1)); memcpy(untracked, &ud, sizeof(ud)); - memcpy(untracked->name, data, len + 1); + memcpy(untracked->name, data, eos - data + 1); data = eos + 1; for (i = 0; i < untracked->untracked_nr; i++) { eos = memchr(data, '\0', end - data); if (!eos || eos == end) return -1; - len = eos - data; - untracked->untracked[i] = xmemdupz(data, len); + untracked->untracked[i] = xmemdupz(data, eos - data); data = eos + 1; } rd->ucd[rd->index++] = untracked; rd->data = data; for (i = 0; i < untracked->dirs_nr; i++) { - len = read_one_dir(untracked->dirs + i, rd); - if (len < 0) + if (read_one_dir(untracked->dirs + i, rd) < 0) return -1; } return 0; -- 2.21.0.1092.g8b0302e9c4