diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-04-27 14:09:31 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2018-04-27 14:29:06 +0200 |
| commit | da6053d0a7c16795e7fac1f9ba6694863918a597 (patch) | |
| tree | 0bf9555c57e4770f9ac3c189fbfdddc8265432d7 /src/basic/strv.c | |
| parent | 545673d4b0c1bc4d8cdbe4f326442435af86265a (diff) | |
| download | systemd-da6053d0a7c16795e7fac1f9ba6694863918a597.tar.gz | |
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
Diffstat (limited to 'src/basic/strv.c')
| -rw-r--r-- | src/basic/strv.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/src/basic/strv.c b/src/basic/strv.c index 07ac8834be..cb91f239e8 100644 --- a/src/basic/strv.c +++ b/src/basic/strv.c @@ -107,8 +107,8 @@ char **strv_copy(char * const *l) { return r; } -unsigned strv_length(char * const *l) { - unsigned n = 0; +size_t strv_length(char * const *l) { + size_t n = 0; if (!l) return 0; @@ -122,7 +122,7 @@ unsigned strv_length(char * const *l) { char **strv_new_ap(const char *x, va_list ap) { const char *s; char **a; - unsigned n = 0, i = 0; + size_t n = 0, i = 0; va_list aq; /* As a special trick we ignore all listed strings that equal @@ -257,7 +257,7 @@ int strv_extend_strv_concat(char ***a, char **b, const char *suffix) { char **strv_split(const char *s, const char *separator) { const char *word, *state; size_t l; - unsigned n, i; + size_t n, i; char **r; assert(s); @@ -287,7 +287,7 @@ char **strv_split(const char *s, const char *separator) { char **strv_split_newlines(const char *s) { char **l; - unsigned n; + size_t n; assert(s); @@ -380,7 +380,7 @@ char *strv_join(char **l, const char *separator) { int strv_push(char ***l, char *value) { char **c; - unsigned n, m; + size_t n, m; if (!value) return 0; @@ -405,7 +405,7 @@ int strv_push(char ***l, char *value) { int strv_push_pair(char ***l, char *a, char *b) { char **c; - unsigned n, m; + size_t n, m; if (!a && !b) return 0; @@ -431,9 +431,9 @@ int strv_push_pair(char ***l, char *a, char *b) { return 0; } -int strv_insert(char ***l, unsigned position, char *value) { +int strv_insert(char ***l, size_t position, char *value) { char **c; - unsigned n, m, i; + size_t n, m, i; if (!value) return 0; @@ -601,7 +601,7 @@ char **strv_parse_nulstr(const char *s, size_t l) { */ const char *p; - unsigned c = 0, i = 0; + size_t c = 0, i = 0; char **v; assert(s || l <= 0); @@ -765,7 +765,7 @@ int strv_extendf(char ***l, const char *format, ...) { } char **strv_reverse(char **l) { - unsigned n, i; + size_t n, i; n = strv_length(l); if (n <= 1) |