Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1491?usp=email
to review the following change.
Change subject: Fix various loop index types to avoid sign-compare issues
......................................................................
Fix various loop index types to avoid sign-compare issues
Just uses the correct types i.e. the same as the limit.
Since the index is usually only used as a non-negative
array index the type change does not cause any behavioral
changes.
But it avoids -Wsign-compare complaints and is just
cleaner.
Change-Id: Ib6c3e154fbe14113ff990f13347f85a7c93dd3e0
Signed-off-by: Frank Lichtenheld <[email protected]>
---
M src/openvpn/argv.c
M src/openvpn/crypto_openssl.c
M src/openvpn/dco_win.c
M src/openvpn/dns.c
M src/openvpn/options.c
M src/openvpn/route.c
M src/openvpn/ssl_verify_mbedtls.c
M src/openvpnserv/interactive.c
M src/plugins/down-root/down-root.c
M tests/unit_tests/openvpn/test_argv.c
M tests/unit_tests/openvpn/test_crypto.c
M tests/unit_tests/openvpn/test_cryptoapi.c
M tests/unit_tests/openvpn/test_pkt.c
M tests/unit_tests/openvpn/test_ssl.c
14 files changed, 27 insertions(+), 30 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/91/1491/1
diff --git a/src/openvpn/argv.c b/src/openvpn/argv.c
index 922ece0..8e37115 100644
--- a/src/openvpn/argv.c
+++ b/src/openvpn/argv.c
@@ -293,7 +293,7 @@
bool in_token = false;
char *f = gc_malloc(strlen(format) + 1, true, gc);
- for (int i = 0, j = 0; i < strlen(format); i++)
+ for (size_t i = 0, j = 0; i < strlen(format); i++)
{
if (format[i] == ' ')
{
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index ed39efa..2e49197 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -411,7 +411,7 @@
printf("\nThe following ciphers have a block size of less than 128 bits,
\n"
"and are therefore deprecated. Do not use unless you have
to.\n\n");
- for (int i = 0; i < cipher_list.num; i++)
+ for (size_t i = 0; i < cipher_list.num; i++)
{
if (cipher_kt_insecure(EVP_CIPHER_get0_name(cipher_list.list[i])))
{
diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c
index 9599e9f3..695bf41 100644
--- a/src/openvpn/dco_win.c
+++ b/src/openvpn/dco_win.c
@@ -829,7 +829,7 @@
}
/* iterate over stats and update peers */
- for (int i = 0; i < bytes_returned / sizeof(OVPN_PEER_STATS); ++i)
+ for (size_t i = 0; i < bytes_returned / sizeof(OVPN_PEER_STATS); ++i)
{
OVPN_PEER_STATS *stat = &peer_stats[i];
diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c
index b367d87..996622a 100644
--- a/src/openvpn/dns.c
+++ b/src/openvpn/dns.c
@@ -785,7 +785,7 @@
{
msg(D_SHOW_PARMS, " DNS server #%d:", i++);
- for (int j = 0; j < server->addr_count; ++j)
+ for (size_t j = 0; j < server->addr_count; ++j)
{
const char *addr;
const char *fmt_port;
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 85669e0..9708062 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -3547,7 +3547,7 @@
while (s)
{
bool non_standard_server_port = false;
- for (int i = 0; i < s->addr_count; ++i)
+ for (size_t i = 0; i < s->addr_count; ++i)
{
if (s->addr[i].port && s->addr[i].port != 53)
{
@@ -3564,7 +3564,7 @@
else
{
bool overflow = false;
- for (int i = 0; i < s->addr_count; ++i)
+ for (size_t i = 0; i < s->addr_count; ++i)
{
if (s->addr[i].family == AF_INET && tt->dns_len + 1 <
N_DHCP_ADDR)
{
@@ -3664,7 +3664,7 @@
new->name = dhcp->domain;
entry = &new->next;
- for (size_t i = 0; i < dhcp->domain_search_list_len; ++i)
+ for (int i = 0; i < dhcp->domain_search_list_len; ++i)
{
ALLOC_OBJ_CLEAR_GC(*entry, struct dns_domain, &dns->gc);
struct dns_domain *new = *entry;
@@ -3674,13 +3674,13 @@
struct dns_server *server = dns_server_get(&dns->servers, 0,
&dns->gc);
const size_t max_addrs = SIZE(server->addr);
- for (size_t i = 0; i < dhcp->dns_len && server->addr_count <
max_addrs; ++i)
+ for (int i = 0; i < dhcp->dns_len && server->addr_count <
max_addrs; ++i)
{
server->addr[server->addr_count].in.a4.s_addr =
htonl(dhcp->dns[i]);
server->addr[server->addr_count].family = AF_INET;
server->addr_count += 1;
}
- for (size_t i = 0; i < dhcp->dns6_len && server->addr_count <
max_addrs; ++i)
+ for (int i = 0; i < dhcp->dns6_len && server->addr_count <
max_addrs; ++i)
{
server->addr[server->addr_count].in.a6 = dhcp->dns6[i];
server->addr[server->addr_count].family = AF_INET6;
@@ -3702,7 +3702,7 @@
while (s)
{
bool non_standard_server_port = false;
- for (int i = 0; i < s->addr_count; ++i)
+ for (size_t i = 0; i < s->addr_count; ++i)
{
if (s->addr[i].port && s->addr[i].port != 53)
{
@@ -3718,7 +3718,7 @@
}
else
{
- for (int i = 0; i < s->addr_count; ++i)
+ for (size_t i = 0; i < s->addr_count; ++i)
{
const char *option;
const char *value;
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 93f61a1..9a0dcc4 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -582,7 +582,7 @@
add_block_local_item(rl, &rl->rgi.gateway, rl->spec.remote_endpoint);
/* process additional subnets on gateway interface */
- for (size_t i = 0; i < rl->rgi.n_addrs; ++i)
+ for (int i = 0; i < rl->rgi.n_addrs; ++i)
{
const struct route_gateway_address *gwa = &rl->rgi.addrs[i];
/* omit the add/subnet in &rl->rgi which we processed above */
@@ -1452,8 +1452,7 @@
else
{
/* examine additional subnets on gateway interface */
- size_t i;
- for (i = 0; i < rgi->n_addrs; ++i)
+ for (int i = 0; i < rgi->n_addrs; ++i)
{
const struct route_gateway_address *gwa = &rgi->addrs[i];
if (((network ^ gwa->addr) & gwa->netmask) == 0)
diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c
index 4c29bc8..ad5479c 100644
--- a/src/openvpn/ssl_verify_mbedtls.c
+++ b/src/openvpn/ssl_verify_mbedtls.c
@@ -573,7 +573,6 @@
void
x509_setenv(struct env_set *es, int cert_depth, mbedtls_x509_crt *cert)
{
- int i;
unsigned char c;
const mbedtls_x509_name *name;
char s[128] = { 0 };
@@ -594,9 +593,10 @@
snprintf(name_expand, sizeof(name_expand), "X509_%d_\?\?",
cert_depth);
}
+ size_t i;
for (i = 0; i < name->val.len; i++)
{
- if (i >= (int)sizeof(s) - 1)
+ if (i >= sizeof(s) - 1)
{
break;
}
diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
index ad19e2c..4fa4889 100644
--- a/src/openvpnserv/interactive.c
+++ b/src/openvpnserv/interactive.c
@@ -1269,7 +1269,7 @@
if (!err || err == ERROR_MORE_DATA)
{
data[sizeof(data) - 1] = '\0';
- for (int i = 0; i < strlen(data); ++i)
+ for (size_t i = 0; i < strlen(data); ++i)
{
if (isalnum(data[i]) || data[i] == '-' || data[i] == '.')
{
@@ -1954,7 +1954,7 @@
SetNameServerAddresses(PWSTR itf_id, const nrpt_address_t *addresses)
{
const short families[] = { AF_INET, AF_INET6 };
- for (int i = 0; i < _countof(families); i++)
+ for (size_t i = 0; i < _countof(families); i++)
{
short family = families[i];
@@ -2436,7 +2436,7 @@
if (v4_addrs_size || v6_addrs_size)
{
/* Replace delimiters with semicolons, as required by NRPT */
- for (int j = 0; j < sizeof(data[0].addresses) &&
data[i].addresses[j]; j++)
+ for (size_t j = 0; j < sizeof(data[0].addresses) &&
data[i].addresses[j]; j++)
{
if (data[i].addresses[j] == ',' || data[i].addresses[j] == ' ')
{
@@ -2567,7 +2567,7 @@
GetNrptExcludeData(search_domains, data, _countof(data));
unsigned n = 0;
- for (int i = 0; i < _countof(data); ++i)
+ for (size_t i = 0; i < _countof(data); ++i)
{
nrpt_exclude_data_t *d = &data[i];
if (d->domains_size == 0)
diff --git a/src/plugins/down-root/down-root.c
b/src/plugins/down-root/down-root.c
index c0ea7a6..cd57189 100644
--- a/src/plugins/down-root/down-root.c
+++ b/src/plugins/down-root/down-root.c
@@ -318,7 +318,7 @@
}
/* Ignore argv[0], as it contains just the plug-in file name */
- for (int i = 1; i < string_array_len(argv); i++)
+ for (size_t i = 1; i < string_array_len(argv); i++)
{
context->command[i - 1] = (char *)argv[i];
}
diff --git a/tests/unit_tests/openvpn/test_argv.c
b/tests/unit_tests/openvpn/test_argv.c
index 25c0371..b1e3261 100644
--- a/tests/unit_tests/openvpn/test_argv.c
+++ b/tests/unit_tests/openvpn/test_argv.c
@@ -120,7 +120,6 @@
static void
argv_printf__long_args__data_correct(void **state)
{
- int i;
struct argv a = argv_new();
const char *args[] = {
"good_tools_have_good_names_even_though_it_might_impair_typing",
@@ -131,7 +130,7 @@
argv_printf(&a, "%s %s %s %s", args[0], args[1], args[2], args[3]);
assert_int_equal(a.argc, 4);
- for (i = 0; i < a.argc; i++)
+ for (size_t i = 0; i < a.argc; i++)
{
assert_string_equal(a.argv[i], args[i]);
}
@@ -229,12 +228,11 @@
{
struct argv a = argv_new();
struct argv b;
- int i;
argv_printf(&a, "%s", PATH2);
b = argv_insert_head(&a, PATH1);
assert_int_equal(b.argc, a.argc + 1);
- for (i = 0; i < b.argc; i++)
+ for (size_t i = 0; i < b.argc; i++)
{
if (i == 0)
{
diff --git a/tests/unit_tests/openvpn/test_crypto.c
b/tests/unit_tests/openvpn/test_crypto.c
index a1d7ddd..3d3e53a 100644
--- a/tests/unit_tests/openvpn/test_crypto.c
+++ b/tests/unit_tests/openvpn/test_crypto.c
@@ -101,7 +101,7 @@
char *lower = string_alloc(ciphername, &gc);
char *random_case = string_alloc(ciphername, &gc);
- for (int i = 0; i < strlen(ciphername); i++)
+ for (size_t i = 0; i < strlen(ciphername); i++)
{
upper[i] = (char)toupper((unsigned char)ciphername[i]);
lower[i] = (char)tolower((unsigned char)ciphername[i]);
diff --git a/tests/unit_tests/openvpn/test_cryptoapi.c
b/tests/unit_tests/openvpn/test_cryptoapi.c
index 4b5baf8..ce527d7 100644
--- a/tests/unit_tests/openvpn/test_cryptoapi.c
+++ b/tests/unit_tests/openvpn/test_cryptoapi.c
@@ -467,7 +467,7 @@
unsigned char hash[255];
(void)state;
- for (int i = 0; i < _countof(valid_str); i++)
+ for (size_t i = 0; i < _countof(valid_str); i++)
{
int len = parse_hexstring(valid_str[i], hash, _countof(hash));
assert_int_equal(len, sizeof(test_hash));
@@ -475,7 +475,7 @@
memset(hash, 0, _countof(hash));
}
- for (int i = 0; i < _countof(invalid_str); i++)
+ for (size_t i = 0; i < _countof(invalid_str); i++)
{
int len = parse_hexstring(invalid_str[i], hash, _countof(hash));
assert_int_equal(len, 0);
diff --git a/tests/unit_tests/openvpn/test_pkt.c
b/tests/unit_tests/openvpn/test_pkt.c
index ca62b38..fc2c0a1 100644
--- a/tests/unit_tests/openvpn/test_pkt.c
+++ b/tests/unit_tests/openvpn/test_pkt.c
@@ -236,7 +236,7 @@
free_tls_pre_decrypt_state(&state);
/* flip a byte in various places */
- for (int i = 0; i < sizeof(client_reset_v2_tls_crypt); i++)
+ for (size_t i = 0; i < sizeof(client_reset_v2_tls_crypt); i++)
{
buf_reset_len(&buf);
buf_write(&buf, client_reset_v2_tls_crypt,
sizeof(client_reset_v2_tls_crypt));
diff --git a/tests/unit_tests/openvpn/test_ssl.c
b/tests/unit_tests/openvpn/test_ssl.c
index 8ef9a3d..153aa77 100644
--- a/tests/unit_tests/openvpn/test_ssl.c
+++ b/tests/unit_tests/openvpn/test_ssl.c
@@ -620,7 +620,7 @@
* Statickey but XOR it to not repeat it */
uint8_t keydata[sizeof(key2.keys)];
- for (int i = 0; i < sizeof(key2.keys); i++)
+ for (size_t i = 0; i < sizeof(key2.keys); i++)
{
keydata[i] = (uint8_t)(key[i % sizeof(key)] ^ i);
}
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1491?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings?usp=email
Gerrit-MessageType: newchange
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ib6c3e154fbe14113ff990f13347f85a7c93dd3e0
Gerrit-Change-Number: 1491
Gerrit-PatchSet: 1
Gerrit-Owner: flichtenheld <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
