Convert evbuffer_strspn() (internal helper) to use size_t

As pointed by @yankeehacker in #590:
  Signed to Unsigned Conversion Error - buffer.c:1623

  Description: This assignment creates a type mismatch by populating an
  unsigned variable with a signed value. The signed integer will be
  implicitly cast to an unsigned integer, converting negative values into
  positive ones. If an attacker can control the signed value, it may be
  possible to trigger a buffer overflow if the value specifies the length
  of a memory write.

  Remediation: Do not rely on implicit casts between signed and unsigned
  values because the result can take on an unexpected value and violate
  weak assumptions made elsewhere in the program.

Fixes: #590

diff --git a/buffer.c b/buffer.c
index 25a6e528b16ad5fd7ae5d69e289e8f18163f5b8d..f6ff84315c447cb5a7633806c36dc27c2db74122 100644 (file)
--- a/buffer.c
+++ b/buffer.c
@@ -1535,11 +1535,11 @@ evbuffer_find_eol_char(struct evbuffer_ptr *it)
        return (-1);
 }
 
-static inline int
+static inline size_t
 evbuffer_strspn(
        struct evbuffer_ptr *ptr, const char *chrset)
 {
-       int count = 0;
+       size_t count = 0;
        struct evbuffer_chain *chain = ptr->internal_.chain;
        size_t i = ptr->internal_.pos_in_chain;