Make stripped_prefix_len signed

This is part of the general guideline that signed integer types
are safer.
* src/names.c (stripped_prefix_len): Return ptrdiff_t,
not size_t.  All callers changed.

src/common.h

@@ -810,7 +810,7 @@ struct name *name_scan (const char *name, bool exact);
 struct name const *name_from_list (void);
 void blank_name_list (void);
 char *make_file_name (const char *dir_name, const char *name);
-size_t stripped_prefix_len (char const *file_name, size_t num);
+ptrdiff_t stripped_prefix_len (char const *file_name, size_t num);
 bool all_names_found (struct tar_stat_info *st);
 
 void add_avoided_name (char const *name);

src/list.c

@@ -100,9 +100,9 @@ decode_xform (char *file_name, void *data)
 
   if (strip_name_components)
     {
-      size_t prefix_len = stripped_prefix_len (file_name,
-					       strip_name_components);
-      if (prefix_len == (size_t) -1)
+      ptrdiff_t prefix_len = stripped_prefix_len (file_name,
+						  strip_name_components);
+      if (prefix_len < 0)
 	prefix_len = strlen (file_name);
       file_name += prefix_len;
     }

src/names.c

@@ -1964,9 +1964,10 @@ make_file_name (const char *directory_name, const char *name)
 
 /* Return the size of the prefix of FILE_NAME that is removed after
    stripping NUM leading file name components.  NUM must be
-   positive.  */
+   positive.  Return a negative number if FILE_NAME does not have
+   enough components.  */
 
-size_t
+ptrdiff_t
 stripped_prefix_len (char const *file_name, size_t num)
 {
   char const *p = file_name + FILE_SYSTEM_PREFIX_LEN (file_name);