lib: mark infinite loops explicitly

There were few infinite loop constructions which were checking
for an always true condition. Make sure that this construction
is marked explicitly as while(1) to assist static analysers, or
reviewers.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

diff --git a/lib/x509/name_constraints.c b/lib/x509/name_constraints.c
index d5ce52ee70343b400f0fedb565d955700c121973..dba2fd4b9faf82fbe7696e0b1f39687f774a2677 100644 (file)
--- a/lib/x509/name_constraints.c
+++ b/lib/x509/name_constraints.c
@@ -116,7 +116,7 @@ int _gnutls_extract_name_constraints(ASN1_TYPE c2, const char *vstr,
 {
        int ret;
        char tmpstr[128];
-       unsigned indx = 0;
+       unsigned indx;
        gnutls_datum_t tmp = { NULL, 0 };
        unsigned int type;
        struct name_constraints_node_st *nc, *prev;
@@ -127,8 +127,7 @@ int _gnutls_extract_name_constraints(ASN1_TYPE c2, const char *vstr,
                        prev = prev->next;
        }
 
-       do {
-               indx++;
+       for (indx=1;;indx++) {
                snprintf(tmpstr, sizeof(tmpstr), "%s.?%u.base", vstr, indx);
 
                ret =
@@ -164,7 +163,7 @@ int _gnutls_extract_name_constraints(ASN1_TYPE c2, const char *vstr,
                }
 
                tmp.data = NULL;
-       } while (ret >= 0);
+       }
 
        if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
                gnutls_assert();
@@ -1071,13 +1070,12 @@ static unsigned check_unsupported_constraint2(gnutls_x509_crt_t cert,
        unsigned san_type;
        int ret;
 
-       idx = 0;
        found_one = 0;
 
-       do {
+       for (idx=0;;idx++) {
                name_size = sizeof(name);
                ret = gnutls_x509_crt_get_subject_alt_name2(cert,
-                       idx++, name, &name_size, &san_type, NULL);
+                       idx, name, &name_size, &san_type, NULL);
                if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
                        break;
                else if (ret < 0)
@@ -1088,7 +1086,7 @@ static unsigned check_unsupported_constraint2(gnutls_x509_crt_t cert,
 
                found_one = 1;
                break;
-       } while(ret >= 0);
+       }
 
        if (found_one != 0)
                return check_unsupported_constraint(nc, type);
@@ -1129,11 +1127,11 @@ unsigned found_one;
                return 1; /* shortcut; no constraints to check */
 
        if (type == GNUTLS_SAN_RFC822NAME) {
-               idx = found_one = 0;
-               do {
+               found_one = 0;
+               for (idx=0;;idx++) {
                        name_size = sizeof(name);
                        ret = gnutls_x509_crt_get_subject_alt_name2(cert,
-                               idx++, name, &name_size, &san_type, NULL);
+                               idx, name, &name_size, &san_type, NULL);
                        if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
                                break;
                        else if (ret < 0)
@@ -1149,7 +1147,7 @@ unsigned found_one;
                                &n);
                        if (t == 0)
                                return gnutls_assert_val(t);
-               } while(ret >= 0);
+               }
 
                /* there is at least a single e-mail. That means that the EMAIL field will
                 * not be used for verifying the identity of the holder. */
@@ -1190,11 +1188,11 @@ unsigned found_one;
                        return gnutls_assert_val(1);
                }
        } else if (type == GNUTLS_SAN_DNSNAME) {
-               idx = found_one = 0;
-               do {
+               found_one = 0;
+               for (idx=0;;idx++) {
                        name_size = sizeof(name);
                        ret = gnutls_x509_crt_get_subject_alt_name2(cert,
-                               idx++, name, &name_size, &san_type, NULL);
+                               idx, name, &name_size, &san_type, NULL);
                        if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
                                break;
                        else if (ret < 0)
@@ -1210,7 +1208,7 @@ unsigned found_one;
                                &n);
                        if (t == 0)
                                return gnutls_assert_val(t);
-               } while(ret >= 0);
+               }
 
                /* there is at least a single DNS name. That means that the CN will
                 * not be used for verifying the identity of the holder. */
@@ -1256,11 +1254,11 @@ unsigned found_one;
                        return gnutls_assert_val(1);
                }
        } else if (type == GNUTLS_SAN_IPADDRESS) {
-                       idx = found_one = 0;
-                       do {
+                       found_one = 0;
+                       for (idx=0;;idx++) {
                                name_size = sizeof(name);
                                ret = gnutls_x509_crt_get_subject_alt_name2(cert,
-                                       idx++, name, &name_size, &san_type, NULL);
+                                       idx, name, &name_size, &san_type, NULL);
                                if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
                                        break;
                                else if (ret < 0)
@@ -1275,7 +1273,7 @@ unsigned found_one;
                                t = gnutls_x509_name_constraints_check(nc, GNUTLS_SAN_IPADDRESS, &n);
                                if (t == 0)
                                        return gnutls_assert_val(t);
-                       } while(ret >= 0);
+                       }
 
                        /* there is at least a single IP address. */
 

diff --git a/lib/x509/x509_ext.c b/lib/x509/x509_ext.c
index aa09ef85f17371f37efcb60f4f3bbcead8d70443..6aeb159dba77e90b9f61de040456f1af84cb237d 100644 (file)
--- a/lib/x509/x509_ext.c
+++ b/lib/x509/x509_ext.c
@@ -236,8 +236,7 @@ int gnutls_x509_ext_import_subject_alt_names(const gnutls_datum_t * ext,
                goto cleanup;
        }
 
-       i = 0;
-       do {
+       for (i=0;;i++) {
                san.data = NULL;
                san.size = 0;
                othername_oid.data = NULL;
@@ -264,9 +263,7 @@ int gnutls_x509_ext_import_subject_alt_names(const gnutls_datum_t * ext,
                                            (char *)othername_oid.data, 1);
                if (ret < 0)
                        break;
-
-               i++;
-       } while (ret >= 0);
+       }
 
        sans->size = i;
        if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) {
@@ -916,8 +913,7 @@ int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext,
        }
 
        /* Read authorityCertIssuer */
-       i = 0;
-       do {
+       for (i=0;;i++) {
                san.data = NULL;
                san.size = 0;
                othername_oid.data = NULL;
@@ -944,9 +940,7 @@ int gnutls_x509_ext_import_authority_key_id(const gnutls_datum_t * ext,
                                            (char *)othername_oid.data, 1);
                if (ret < 0)
                        break;
-
-               i++;
-       } while (ret >= 0);
+       }
 
        aki->cert_issuer.size = i;
        if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
@@ -2444,8 +2438,7 @@ int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t * ext,
                snprintf(name, sizeof(name),
                         "?%u.distributionPoint.fullName", (unsigned)i + 1);
 
-               j = 0;
-               do {
+               for (j=0;;j++) {
                        san.data = NULL;
                        san.size = 0;
 
@@ -2464,9 +2457,7 @@ int gnutls_x509_ext_import_crl_dist_points(const gnutls_datum_t * ext,
                        if (ret < 0)
                                break;
                        san.data = NULL; /* it is now in cdp */
-
-                       j++;
-               } while (ret >= 0);
+               }
 
                i++;
        } while (ret >= 0);