From: Joe Orton <jorton@apache.org>
Date: Thu, 18 Dec 2025 12:50:42 +0000 (+0000)
Subject: mod_md: change types of fields of ocsp_summary_ctx_t
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6f3d786f660be49d035998b41a9f93b27751cd9;p=thirdparty%2Fapache%2Fhttpd.git

mod_md: change types of fields of ocsp_summary_ctx_t

The number of members in ostat_by_id may be up to UINT_MAX
and there are no guarantees that all types of members (good,
revoked or unknown) are present. An integer overflow may also
occur in md_ocsp_get_summary() when they are summed as ints.

Change types of good, revoked and unknown to unsigned.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Submitted by: Anastasia Belova <nabelova31 gmail.com>
Github: closes #534


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1930710 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/md/md_ocsp.c b/modules/md/md_ocsp.c
index d2dfd73b68..74dd49058a 100644
--- a/modules/md/md_ocsp.c
+++ b/modules/md/md_ocsp.c
@@ -930,9 +930,9 @@ apr_status_t md_ocsp_remove_responses_older_than(md_ocsp_reg_t *reg, apr_pool_t
 typedef struct {
     apr_pool_t *p;
     md_ocsp_reg_t *reg;
-    int good;
-    int revoked;
-    int unknown;
+    unsigned good;
+    unsigned revoked;
+    unsigned unknown;
 } ocsp_summary_ctx_t;
 
 static int add_to_summary(void *baton, const void *key, apr_ssize_t klen, const void *val)