Fix constant bounds checking in evp_encodeblock_int

https://scan5.scan.coverity.com/#/project-view/60762/10222?selectedIssue=1677830

Reports that several locations in the above function bound for loops
with a check for
ret <= INT_MAX

Given that ret is defined as an int, it can never be larger than
INT_MAX, and so is always true.

We can just remove the check for this variable.

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29525)

diff --git a/crypto/evp/enc_b64_scalar.c b/crypto/evp/enc_b64_scalar.c
index d7b10f648bd212f73fef0237f2975ea2f4cfd7c7..89ccb735c1750e27e1dd90046d5b7a9c5e9efe98 100644 (file)
--- a/crypto/evp/enc_b64_scalar.c
+++ b/crypto/evp/enc_b64_scalar.c
@@ -147,7 +147,7 @@ int evp_encodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
     }
 
     if (ctx_length == 1) {
-        while (i < dlen && ret <= INT_MAX && ctx != NULL) {
+        while (i < dlen && ctx != NULL) {
             t1 = f[i];
             *(t++) = e0[t1];
             *(t++) = e1[(t1 & 0x03) << 4];
@@ -166,7 +166,7 @@ int evp_encodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
     } else if (ctx_length % 3 != 0) {
         i = 0;
         int wrap_cnt_nm3 = 0;
-        while (i + 2 < dlen && ret <= INT_MAX) {
+        while (i + 2 < dlen) {
             if (ctx != NULL) {
                 if ((wrap_cnt_nm3 < ctx->length
                         && (wrap_cnt_nm3 + 3 + wrap_cnt_by_input) > ctx->length)
@@ -216,7 +216,7 @@ int evp_encodeblock_int(EVP_ENCODE_CTX *ctx, unsigned char *t,
             }
         }
     } else {
-        for (i = 0; i + 2 < dlen && ret <= INT_MAX; i += 3) {
+        for (i = 0; i + 2 < dlen; i += 3) {
 
             t1 = f[i];
             t2 = f[i + 1];