b58enc: Make loop variables unsigned
size can only be positive (and non-zero) as it is set to a positive expr + 1. high is initialised with size-1 which is never negative, and then set to j at the end of each loop iteration. It therefore can only be negative if j can. The heart of the loop assigns to buf[j] which is on the stack. If j can become negative during the loop then this is clearly undefined behaviour. Following the loop, high is unused and j is reset to 0 and only incremented. Thus both variables can be declared unsigned, and sys/types.h removed since there are no more ssize_t variables remaining. This removes the last two sign compare warnings from this file.
This commit is contained in:
Jon Griffiths
4
base58.c
4
base58.c
@@ -15,7 +15,6 @@
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include <sys/types.h>
|
||||
|
||||
#include "libbase58.h"
|
||||
|
||||
@@ -146,8 +145,7 @@ bool b58enc(char *b58, size_t *b58sz, const void *data, size_t binsz)
|
||||
{
|
||||
const uint8_t *bin = data;
|
||||
int carry;
|
||||
ssize_t j, high;
|
||||
size_t i, size, zcount = 0;
|
||||
size_t i, j, size, high, zcount = 0;
|
||||
|
||||
while (zcount < binsz && !bin[zcount])
|
||||
++zcount;
|
||||
|
||||
Reference in New Issue
Block a user