Fix Coverity 1503218: negative loop bound

OPENSSL_sk_num returns an integer which can theoretically be negative. Assigning this to a size_t and using it as a loop bound isn't ideal. Rather than adding checked for NULL or negative returns, changing the loop index and end to int is simpler. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #17954) (cherry picked from commit 0bcae98)
openssl · Nov 11, 2022 · c2564d1 · c2564d1
1 parent 4a1108e
commit c2564d1
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
@@ -259,7 +259,7 @@ static void collect_decoder(OSSL_DECODER *decoder, void *arg)
 {
     struct collect_data_st *data = arg;
     STACK_OF(EVP_KEYMGMT) *keymgmts = data->keymgmts;
-    size_t i, end_i;
+    int i, end_i;
     EVP_KEYMGMT *keymgmt;
     const OSSL_PROVIDER *prov;
     void *provctx;