summaryrefslogtreecommitdiff
path: root/xdiff-interface.c
diff options
context:
space:
mode:
authorShawn O. Pearce <spearce@spearce.org>2007-03-06 20:44:37 -0500
committerJunio C Hamano <junkio@cox.net>2007-03-07 11:15:26 -0800
commitdc49cd769b5fa6b7e0114b051c34a849828a7603 (patch)
tree7eafafcd36ab731599da3fb5e59d3f4379c342d3 /xdiff-interface.c
parent6777a59fcdfd96b9ca5cba49cb265c6c47de3d02 (diff)
downloadgit-dc49cd769b5fa6b7e0114b051c34a849828a7603.tar.gz
Cast 64 bit off_t to 32 bit size_t
Some systems have sizeof(off_t) == 8 while sizeof(size_t) == 4. This implies that we are able to access and work on files whose maximum length is around 2^63-1 bytes, but we can only malloc or mmap somewhat less than 2^32-1 bytes of memory. On such a system an implicit conversion of off_t to size_t can cause the size_t to wrap, resulting in unexpected and exciting behavior. Right now we are working around all gcc warnings generated by the -Wshorten-64-to-32 option by passing the off_t through xsize_t(). In the future we should make xsize_t on such problematic platforms detect the wrapping and die if such a file is accessed. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
Diffstat (limited to 'xdiff-interface.c')
-rw-r--r--xdiff-interface.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/xdiff-interface.c b/xdiff-interface.c
index 6c1f99b149..10816e95a0 100644
--- a/xdiff-interface.c
+++ b/xdiff-interface.c
@@ -107,16 +107,18 @@ int read_mmfile(mmfile_t *ptr, const char *filename)
{
struct stat st;
FILE *f;
+ size_t sz;
if (stat(filename, &st))
return error("Could not stat %s", filename);
if ((f = fopen(filename, "rb")) == NULL)
return error("Could not open %s", filename);
- ptr->ptr = xmalloc(st.st_size);
- if (fread(ptr->ptr, st.st_size, 1, f) != 1)
+ sz = xsize_t(st.st_size);
+ ptr->ptr = xmalloc(sz);
+ if (fread(ptr->ptr, sz, 1, f) != 1)
return error("Could not read %s", filename);
fclose(f);
- ptr->size = st.st_size;
+ ptr->size = sz;
return 0;
}