From eb1139f776759bb0b21f98e3fbd9826a6ad27099 Mon Sep 17 00:00:00 2001 From: Anastasia Belova Date: Mon, 2 Jun 2025 16:49:16 +0300 Subject: [PATCH] mod_md: change types of fields of ocsp_summary_ctx_t The number of members in ostat_by_id may be up to UINT_MAX and there are no guarantees that all types of members (good, revoked or unknown) are present. An integer overflow may also occur in md_ocsp_get_summary() when they are summed as ints. Change types of good, revoked and unknown to unsigned. Found by Linux Verification Center (linuxtesting.org) with SVACE. --- modules/md/md_ocsp.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/md/md_ocsp.c b/modules/md/md_ocsp.c index af2dd152936..a34a74d2e3f 100644 --- a/modules/md/md_ocsp.c +++ b/modules/md/md_ocsp.c @@ -929,9 +929,9 @@ apr_status_t md_ocsp_remove_responses_older_than(md_ocsp_reg_t *reg, apr_pool_t typedef struct { apr_pool_t *p; md_ocsp_reg_t *reg; - int good; - int revoked; - int unknown; + unsigned good; + unsigned revoked; + unsigned unknown; } ocsp_summary_ctx_t; static int add_to_summary(void *baton, const void *key, apr_ssize_t klen, const void *val)