Merge branch 'jk/tree-walk-overflow'

Codepaths to walk tree objects have been audited for integer
overflows and hardened.

* jk/tree-walk-overflow:
tree-walk: harden make_traverse_path() length computations
tree-walk: add a strbuf wrapper for make_traverse_path()
tree-walk: accept a raw length for traverse_path_len()
tree-walk: use size_t consistently
tree-walk: drop oid from traverse_info
setup_traverse_info(): stop copying oid

diff --cc builtin/merge-tree.c
Simple merge

diff --cc cache-tree.c
Simple merge

diff --cc tree-walk.c
Simple merge

diff --cc tree-walk.h
index 2a5db29e8f196f535c75fbf84dcae8f45ca5c4a3,a3ad54e6ce7def4711268c9f972556efd53a6ff1..abe2caf4e0faae271967787b02137505a22ac5ff
--- 1/tree-walk.h
--- 2/tree-walk.h
+++ b/tree-walk.h
@@@ -68,13 -69,18 +71,18 @@@ struct traverse_info 
        int show_all_errors;
  };
  
 -int get_tree_entry(const struct object_id *, const char *, struct object_id *, unsigned short *);
 +int get_tree_entry(struct repository *, const struct object_id *, const char *, struct object_id *, unsigned short *);
- char *make_traverse_path(char *path, const struct traverse_info *info, const struct name_entry *n);
+ char *make_traverse_path(char *path, size_t pathlen, const struct traverse_info *info,
+                        const char *name, size_t namelen);
+ void strbuf_make_traverse_path(struct strbuf *out,
+                              const struct traverse_info *info,
+                              const char *name, size_t namelen);
  void setup_traverse_info(struct traverse_info *info, const char *base);
  
- static inline int traverse_path_len(const struct traverse_info *info, const struct name_entry *n)
+ static inline size_t traverse_path_len(const struct traverse_info *info,
+                                      size_t namelen)
  {
-       return info->pathlen + tree_entry_len(n);
+       return st_add(info->pathlen, namelen);
  }
  
  /* in general, positive means "kind of interesting" */

diff --cc unpack-trees.c
Simple merge