lib: suppress false-positive -Wanalyzer-out-of-bounds
authorDaiki Ueno <ueno@gnu.org>
Wed, 7 Jun 2023 14:44:00 +0000 (16:44 +0200)
committerDaiki Ueno <ueno@gnu.org>
Fri, 7 Jul 2023 08:15:03 +0000 (10:15 +0200)
GCC analyzer from GCC 13 reports this:

  verify-high.c:1471:21: error: stack-based buffer over-read [CWE-126] [-Werror=analyzer-out-of-bounds]
   1471 |                 if (gnutls_x509_trust_list_get_issuer(
        |                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   1472 |                             list, cert_list[i - 1], &issuer,

This is a false positive, as i is always in the range 0 < i < cert_list_size.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
lib/x509/verify-high.c

index 7109bb0a8cb1203624017533a71021f99a706a8e..970fc9f03920aaecc08ab95961afe580c76526c5 100644 (file)
@@ -1432,7 +1432,7 @@ int gnutls_x509_trust_list_verify_crt2(
        for (i = 0; i < cert_list_size &&
                    cert_list_size <= DEFAULT_MAX_VERIFY_DEPTH;) {
                unsigned int sorted_size = 1;
-               unsigned int j;
+               unsigned int j, k;
                gnutls_x509_crt_t issuer;
 
                if (!(flags & GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN)) {
@@ -1440,6 +1440,8 @@ int gnutls_x509_trust_list_verify_crt2(
                                                         cert_list_size - i);
                }
 
+               assert(sorted_size > 0);
+
                /* Remove duplicates. Start with index 1, as the first element
                 * may be re-checked after issuer retrieval. */
                for (j = 0; j < sorted_size; j++) {
@@ -1459,13 +1461,20 @@ int gnutls_x509_trust_list_verify_crt2(
                }
 
                /* Record the certificates seen. */
-               for (j = 0; j < sorted_size; j++, i++) {
+               for (k = 0; k < sorted_size; k++, i++) {
                        if (!gl_list_nx_add_last(records, cert_list[i])) {
                                ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
                                goto cleanup;
                        }
                }
 
+               /* Pacify GCC analyzer: the condition always holds
+                * true as sorted_size > 0 is checked above, and the
+                * following loop should iterate at least once so i++
+                * is called.
+                */
+               assert(i > 0);
+
                /* If the issuer of the certificate is known, no need
                 * for further processing. */
                if (gnutls_x509_trust_list_get_issuer(
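Review bot: The new `assert(sorted_size > 0)` and `assert(i > 0)` only state the lower bounds; what keeps `cert_list[i]` in the recording loop (`for (k = 0; k < sorted_size; k++, i++)`) inside the array is the upper bound `sorted_size <= cert_list_size - i`, which rests on the sort helper called in the `if` block above (its call is cut at the top of the second hunk, where `cert_list_size - i` is visibly passed to it) and is asserted nowhere. Adding `assert(sorted_size <= cert_list_size - i);` next to the new lower-bound assert would record that invariant too and make the over-read argument in the commit message checkable in debug builds. Both asserts compile to nothing under NDEBUG, so they are analyzer and debug-build aids rather than runtime checks, which is worth stating in the comment above `assert(i > 0)`. The diff adds no `#include <assert.h>`; whether the file already includes it cannot be confirmed from these hunks. The enclosing function gnutls_x509_trust_list_verify_crt2 starts and ends outside the hunks.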