gv_string_writer: gracefully handle sizes that exceed INT_MAX

Similar to the previous commit, this deals with some mismatch between the TCL
API expecting int and the Graphviz API dealing in size_t.

This stems from a mismatch between gv_channel_write (or back tracking this, the
write_fn member of GVC) dealing in size_t and the TCL API dealing in int. Prior
to this change, a write of more than INT_MAX through this function would result
in passing a negative value to TCL. I do not know how it responds to such
things. Following this change, a write of more than INT_MAX results in a
truncated write of at most INT_MAX, something callers should already be
anticipating. Squashes two compiler warnings.

diff --git a/tclpkg/gv/gv_tcl_init.c b/tclpkg/gv/gv_tcl_init.c
index 9e72a82ae482b985856908223fa5e4861bd1e08f..b6cd1944e862f11b6e7a11e162f4935f5cf87756 100644 (file)
--- a/tclpkg/gv/gv_tcl_init.c
+++ b/tclpkg/gv/gv_tcl_init.c
@@ -17,8 +17,10 @@
 
 static size_t gv_string_writer(GVJ_t *job, const char *s, size_t len)
 {
-    Tcl_AppendToObj((Tcl_Obj*)(job->output_file), s, len);
-    return len;
+  // clamp to INT_MAX
+  int l = len > (size_t)INT_MAX ? INT_MAX : (int)len;
+  Tcl_AppendToObj((Tcl_Obj*)(job->output_file), s, l);
+  return (size_t)l;
 }
 
 static size_t gv_channel_writer(GVJ_t *job, const char *s, size_t len)