GitLab

* buffer.h (overlays_at, sort_overlays, GET_OVERLAYS_AT):
* editfns.c (overlays_around, get_pos_property):
* textprop.c (get_char_property_and_overlay):
* xdisp.c (next_overlay_change, note_mouse_highlight):
* xfaces.c (face_at_buffer_position):
* buffer.c (overlays_at, sort_overlays, Foverlays_at)
(Fnext_overlay_change, Fprevious_overlay_change):
Use ptrdiff_t, not int, for sizes.
(overlays_at): Check for size-calculation overflow.

(x_session_initialize): Do not assume string length fits in int.

This is unlikely, but can occur if DPI is outlandish.

* xrdb.c (magic_file_p, search_magic_path):
Omit last arg SUFFIX; it was always 0.  All callers changed.
(magic_file_p): Use ptrdiff_t, not int.  Check for size overflow.

(xic_create_fontsetname, x_window): Use ptrdiff_t, not int.

not unsigned long, as we prefer signed integers.  All callers changed.
Detect integer overflow in repeat count.
(message_dolog): Don't assume print length fits in 39 bytes.

(struct termcap_buffer, tgetent): Use ptrdiff_t, not int, for sizes.
(gobble_line): Check for size-calculation overflow.

Don't assume string length fits in int.

Don't assume integer property fits in fixnum.
* font.h (font_intern_prop): 2nd arg is now ptrdiff_t, not int.

(font_parse_xlfd, font_parse_fcname, font_unparse_fcname):
Use ptrdiff_t, not int.

(get_boot_time): Don't assume that gzip command string fits in 100 bytes.
Reformulate so as not to need the command string.
Invoke gzip -cd rather than gunzip, as it's more portable.
(lock_info_type, lock_file_1, lock_file):
Don't assume pid_t and time_t fit in unsigned long.
(LOCK_PID_MAX): Remove; we now use more-reliable bounds.
(current_lock_owner): Prefer signed type for sizes.
Use memcpy, not strncpy, where memcpy is what is really wanted.
Don't assume (via atoi) that time_t and pid_t fit in int.
Check for time_t and/or pid_t out of range, e.g., via a network share.
Don't alloca where an auto var works fine.

(file_name_as_directory, Fexpand_file_name, Fsubstitute_in_file_name):
Don't assume string length fits in int.
(directory_file_name): Don't assume string length fits in long.
(make_temp_name): Don't assume pid fits in int, or that its print
length is less than 20.

We prefer signed integers, even for size calculations.

(DEFINE_DUMMY_FUNCTION, sort_args): Use ptrdiff_t, not int.
(main): Don't invoke strlen when not needed.

(XD_DEBUG_MESSAGE): Don't waste a byte.

All uses changed.  This doesn't fix a bug, but it simplifies the
code away from its former Hollerith-constant appearance, and it's
one less 'int' to worry about when looking at integer-overflow issues.

This didn't break anything, but it didn't help either.
It's confusing to put a bogus integer in a place where the actual
value does not matter.

* dispnew.c (add_window_display_history): Use BVAR.

* xdisp.c (debug_method_add): Use BVAR.
(check_window_end, dump_glyph_matrix, dump_glyph)
(dump_glyph_row, dump_glyph_string): Convert arglist to ANSI C.

* xfaces.c (check_lface_attrs, check_lface, dump_realized_face):
Likewise.

* xfns.c (Fx_create_frame, x_create_tip_frame): Delay image cache
check till after the cache is created in init_frame_faces.

not EMACS_UINT and EMACS_INT, when converting pointer to integer.
This avoids a GCC warning when WIDE_EMACS_INT.

We prefer signed types, and the value cannot exceed the EMACS_INT
range anyway (because otherwise the length would not be representable).

This is for consistency with the ordinary, non-USE_LISP_UNION_TYPE,
implementation.