path: root/builtin/worktree.c
diff options
authorJeff King <>2017-09-27 06:02:21 (GMT)
committerJunio C Hamano <>2017-09-27 06:45:57 (GMT)
commit228740b67b55f4ee23637bd1472a73ae50efe93a (patch)
tree48a1855d58b4bccd90ee407c834447f349db26e6 /builtin/worktree.c
parent41dcc4dcccecca49e3f75212ce9e614ffe2bdcc8 (diff)
worktree: use xsize_t to access file size
To read the "gitdir" file into memory, we stat the file and allocate a buffer. But we store the size in an "int", which may be truncated. We should use a size_t and xsize_t(), which will detect truncation. An overflow is unlikely for a "gitdir" file, but it's a good practice to model. Signed-off-by: Jeff King <> Reviewed-by: Jonathan Nieder <> Signed-off-by: Junio C Hamano <>
Diffstat (limited to 'builtin/worktree.c')
1 files changed, 3 insertions, 2 deletions
diff --git a/builtin/worktree.c b/builtin/worktree.c
index de26849..2f4a4ef 100644
--- a/builtin/worktree.c
+++ b/builtin/worktree.c
@@ -38,7 +38,8 @@ static int prune_worktree(const char *id, struct strbuf *reason)
struct stat st;
char *path;
- int fd, len;
+ int fd;
+ size_t len;
if (!is_directory(git_path("worktrees/%s", id))) {
strbuf_addf(reason, _("Removing worktrees/%s: not a valid directory"), id);
@@ -56,7 +57,7 @@ static int prune_worktree(const char *id, struct strbuf *reason)
id, strerror(errno));
return 1;
- len = st.st_size;
+ len = xsize_t(st.st_size);
path = xmallocz(len);
read_in_full(fd, path, len);