Jeff King <peff@xxxxxxxx> writes: > Please use st_add3() while you are at it. > > I'd also usually suggest FLEX_ALLOC_MEM() for even more simplicity, but > it looks like filling the string is handled separately (and done many > times). > > I have to wonder, though, if it wouldn't be simpler to move away from > "struct dirent" here (and it looks like Junio suggested the same earlier > in the thread). I don't know this code very well, but it looks > like it could easily get by passing around a name pointer and a dtype > through the cached_dir. The patch below seems like it's not too bad a > cleanup, but possibly the names could be better. It does look like a good clean-up. In the meantime, here is to apologize for merging the patch a bit too early to 'next'. -- >8 -- From: Junio C Hamano <gitster@xxxxxxxxx> Date: Fri, 20 Dec 2019 09:55:53 -0800 Subject: [PATCH] dir.c: use st_add3() for allocation size When preparing a manufactured dirent instance, we add a length of path to the size of struct to decide how many bytes to allocate. Make sure this addition does not wrap-around to cause us underallocate. Suggested-by: Jeff King <peff@xxxxxxxx> Signed-off-by: Junio C Hamano <gitster@xxxxxxxxx> --- dir.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dir.c b/dir.c index e1b74f6478..113170aeb9 100644 --- a/dir.c +++ b/dir.c @@ -2154,7 +2154,7 @@ static int treat_leading_path(struct dir_struct *dir, * For either case, padding with len+1 bytes at the end will ensure * sufficient storage space. */ - de = xcalloc(1, sizeof(struct dirent)+len+1); + de = xcalloc(1, st_add3(sizeof(struct dirent), len, 1)); memset(&cdir, 0, sizeof(cdir)); cdir.de = de; #if defined(DT_UNKNOWN) && !defined(NO_D_TYPE_IN_DIRENT) -- 2.24.1-769-g187e15c71d
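Review bot: on the changed line `de = xcalloc(1, st_add3(sizeof(struct dirent), len, 1));` the declaration of `len` is outside the visible context, and the overflow check only helps if `len` reaches st_add3() as an unsigned size. If `len` is a signed type in treat_leading_path(), a negative value would be converted to a huge size_t before the check. That would abort the allocation rather than wrap, which is safe, but it deserves a mention in the commit message or a size_t declaration. In the commit message, "to cause us underallocate" should read "and cause us to underallocate". The unchanged comment above the allocation still describes the size only as "padding with len+1 bytes", so consider adding a few words there saying the sum is now overflow-checked, so that a later refactor does not go back to the open-coded `sizeof(struct dirent)+len+1`.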