If you're going to check for negative, use an signed integer! Coverity ID 122.

author Ben Laurie <ben@openssl.org>

Thu, 5 Apr 2007 17:31:29 +0000 (17:31 +0000)

committer Ben Laurie <ben@openssl.org>

Thu, 5 Apr 2007 17:31:29 +0000 (17:31 +0000)
author Ben Laurie <ben@openssl.org>
Thu, 5 Apr 2007 17:31:29 +0000 (17:31 +0000)
committer Ben Laurie <ben@openssl.org>
Thu, 5 Apr 2007 17:31:29 +0000 (17:31 +0000)
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c

index 7eb053a656ada173008db15898d8eab56ea5cfc6..451de844894a59471024120f02632357686eca6e 100644 (file)
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -1024,7 +1024,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
         if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
                 {
                 unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
-                unsigned int md_len, alen;
+                unsigned int md_len;
+               int alen;
                 ASN1_OCTET_STRING *message_digest;
  
                 EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len);
author	Ben Laurie <ben@openssl.org>
	Thu, 5 Apr 2007 17:31:29 +0000 (17:31 +0000)
committer	Ben Laurie <ben@openssl.org>
	Thu, 5 Apr 2007 17:31:29 +0000 (17:31 +0000)