authorpfg <pfg@FreeBSD.org>2013-05-20 03:15:25 +0000
committerpfg <pfg@FreeBSD.org>2013-05-20 03:15:25 +0000
commita054c02d31fb838c7253c97946fd2ec0d8a0861e (patch)
treeb963ba6ea557123e5eb06e0f4d5f0afe40ff3c50 /gnu
parentb3c31e12543c73dcf27340c2dd11d771db4b616a (diff)
grep: change some int types.
Change several int variables to size_t, ssize_t, or ptrdiff_t. This should fix the bug described in CVE-2012-5667 when an input line is so long that its length cannot be stored in an int variable. This is based on NetBSD's revision which says: This change to NetBSD's version of GNU grep 2.5.1 (licenced under GPLv2) was made without direct reference to any code licenced under GPLv3. Obtained from: NetBSD MFC after: 3 days
Diffstat (limited to 'gnu')
-rw-r--r--gnu/usr.bin/grep/dfa.c11
-rw-r--r--gnu/usr.bin/grep/grep.c4
-rw-r--r--gnu/usr.bin/grep/search.c5
3 files changed, 11 insertions, 9 deletions
diff --git a/gnu/usr.bin/grep/dfa.c b/gnu/usr.bin/grep/dfa.c
index 920d139..faf4f0b 100644
--- a/gnu/usr.bin/grep/dfa.c
+++ b/gnu/usr.bin/grep/dfa.c
@@ -334,9 +334,10 @@ static int hard_LC_COLLATE; /* Nonzero if LC_COLLATE is hard. */
#ifdef MBS_SUPPORT
/* These variables are used only if (MB_CUR_MAX > 1). */
static mbstate_t mbs; /* Mbstate for mbrlen(). */
-static int cur_mb_len; /* Byte length of the current scanning
- multibyte character. */
-static int cur_mb_index; /* Byte index of the current scanning multibyte
+static ssize_t cur_mb_len; /* Byte length of the current scanning
+ multibyte character. Must also handle
+ negative result from mbrlen(). */
+static ssize_t cur_mb_index; /* Byte index of the current scanning multibyte
character.
singlebyte character : cur_mb_index = 0
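Review bot: The new comment on `cur_mb_len` speaks of a "negative result from mbrlen()", but mbrlen() returns `size_t` and reports failure as `(size_t)-1` or `(size_t)-2`; the value only becomes negative through the conversion to `ssize_t` at the assignment. Naming the sentinels would make the later sign tests easier to audit, for example `/* mbrlen() returns (size_t)-1 or (size_t)-2 for an invalid or incomplete sequence; stored here they read as -1 and -2. */`. `ssize_t` is a POSIX type rather than ISO C, so dfa.c needs `<sys/types.h>` in scope; the include block is outside this hunk. The comment on `cur_mb_index` continues past the end of the hunk.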
@@ -369,7 +370,7 @@ static unsigned char const *buf_end; /* refference to end in dfaexec(). */
/* This function update cur_mb_len, and cur_mb_index.
p points current lexptr, len is the remaining buffer length. */
static void
-update_mb_len_index (unsigned char const *p, int len)
+update_mb_len_index (unsigned char const *p, size_t len)
{
/* If last character is a part of a multibyte character,
we update cur_mb_index. */
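Review bot: With `len` now `size_t`, a caller that derives it from a pointer difference that can go negative would pass a very large count rather than a negative one, and the header comment does not state that precondition. I would extend it to something like `len is the number of bytes remaining at p; it is unsigned and must not exceed buf_end - p.` The call sites and the rest of update_mb_len_index are outside this hunk, so whether any caller can reach that case cannot be confirmed from here.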
@@ -2463,7 +2464,7 @@ match_mb_charset (struct dfa *d, int s, position pos, int index)
int match; /* Flag which represent that matching succeed. */
int match_len; /* Length of the character (or collating element)
with which this operator match. */
- int op_len; /* Length of the operator. */
+ size_t op_len; /* Length of the operator. */
char buffer[128];
wchar_t wcbuf[6];
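Review bot: `op_len` becomes `size_t` while `match_len` two lines above stays `int`, so any comparison or assignment between them is now mixed-sign, and the fixed `char buffer[128]` declared next to it gives `op_len` no upper bound of its own. The body of match_mb_charset is outside the hunk; if it copies `op_len` bytes into `buffer`, the copy should be preceded by a check that `op_len < sizeof buffer`. A short comment on the declaration, `/* Length of the operator; must stay below sizeof buffer. */`, would record that invariant.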
diff --git a/gnu/usr.bin/grep/grep.c b/gnu/usr.bin/grep/grep.c
index 0cab4a1..223ee91 100644
--- a/gnu/usr.bin/grep/grep.c
+++ b/gnu/usr.bin/grep/grep.c
@@ -1350,9 +1350,9 @@ int
main (int argc, char **argv)
{
char *keys;
- size_t keycc, oldcc, keyalloc;
+ size_t cc, keycc, oldcc, keyalloc;
int with_filenames;
- int opt, cc, status;
+ int opt, status;
int default_context;
FILE *fp;
extern char *optarg;
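Review bot: Moving `cc` to `size_t` means any remaining test in main() of the form `cc < 0` or `cc == -1` is no longer meaningful, and any sum of `keycc` and `cc` used to size the `keys` buffer can now wrap around instead of going negative. The uses of `cc` are outside this hunk, so they should be re-read with the unsigned type in mind, and the addition that feeds the allocation should be guarded by an explicit overflow check before the buffer is grown. Compiling this file with `-Wextra` would flag any always-false comparison left behind.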
diff --git a/gnu/usr.bin/grep/search.c b/gnu/usr.bin/grep/search.c
index 982d2c5..96ee181 100644
--- a/gnu/usr.bin/grep/search.c
+++ b/gnu/usr.bin/grep/search.c
@@ -112,7 +112,7 @@ static void
kwsinit (void)
{
static char trans[NCHAR];
- int i;
+ size_t i;
if (match_icase)
for (i = 0; i < NCHAR; ++i)
@@ -326,7 +326,8 @@ EGexecute (char const *buf, size_t size, size_t *match_size, int exact)
{
register char const *buflim, *beg, *end;
char eol = eolbyte;
- int backref, start, len;
+ int backref;
+ ptrdiff_t start, len;
struct kwsmatch kwsm;
size_t i, ret_val;
static int use_dfa;
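Review bot: `start` and `len` are widened to `ptrdiff_t`, but the widening only helps if every value flowing into and out of them is equally wide. If the regex entry points called further down in EGexecute still take and return `int` (their prototypes are not visible in this hunk), a line longer than INT_MAX is narrowed again at the call and the condition described in the commit message can recur. The signed `len` is also presumably stored through the `size_t *match_size` parameter, so a comment such as `/* start/len are signed: negative values are error returns from the matcher and must be tested before conversion to size_t. */` on the declaration would document the required ordering. The function body continues outside the hunk.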