Fix constant bounds checking in evp_encodeblock_int

https://scan5.scan.coverity.com/#/project-view/60762/10222?selectedIssue=1677830 Reports that several locations in the above function bound for loops with a check for ret <= INT_MAX Given that ret is defined as an int, it can never be larger than INT_MAX, and so is always true. We can just remove the check for this variable. Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> (Merged from https://github.com/openssl/openssl/pull/29525)
2026-01-18 17:11:31 +01:00 · 2025-12-30 14:11:56 -05:00
parent 3b69cc994c
commit fb99acc994
1 changed files with 3 additions and 3 deletions
--- a/crypto/evp/enc_b64_scalar.c
+++ b/crypto/evp/enc_b64_scalar.c
@@ -147,7 +147,7 @@ int evp_encodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
    }

    if (ctx_length == 1) {
-        while (i < dlen && ret <= INT_MAX && ctx != NULL) {
+        while (i < dlen && ctx != NULL) {
            t1 = f[i];
            *(t++) = e0[t1];
            *(t++) = e1[(t1 & 0x03) << 4];
@@ -166,7 +166,7 @@ int evp_encodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
    } else if (ctx_length % 3 != 0) {
        i = 0;
        int wrap_cnt_nm3 = 0;
-        while (i + 2 < dlen && ret <= INT_MAX) {
+        while (i + 2 < dlen) {
            if (ctx != NULL) {
                if ((wrap_cnt_nm3 < ctx->length
                        && (wrap_cnt_nm3 + 3 + wrap_cnt_by_input) > ctx->length)
@@ -216,7 +216,7 @@ int evp_encodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
            }
        }
    } else {
-        for (i = 0; i + 2 < dlen && ret <= INT_MAX; i += 3) {
+        for (i = 0; i + 2 < dlen; i += 3) {

            t1 = f[i];
            t2 = f[i + 1];