Use C99 for size_t loops.
This was done just by grepping for 'size_t i;' and 'size_t j;'. I left
everything in crypto/x509 and friends alone.
There's some instances in gcm.c that are non-trivial and pulled into a
separate CL for ease of review.
Change-Id: I6515804e3097f7e90855f1e7610868ee87117223
Reviewed-on: https://boringssl-review.googlesource.com/10801
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/custom_extensions.c b/ssl/custom_extensions.c
index 4a9baa8..ed802ee 100644
--- a/ssl/custom_extensions.c
+++ b/ssl/custom_extensions.c
@@ -32,8 +32,7 @@
static const SSL_CUSTOM_EXTENSION *custom_ext_find(
STACK_OF(SSL_CUSTOM_EXTENSION) *stack,
unsigned *out_index, uint16_t value) {
- size_t i;
- for (i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
+ for (size_t i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
const SSL_CUSTOM_EXTENSION *ext = sk_SSL_CUSTOM_EXTENSION_value(stack, i);
if (ext->value == value) {
if (out_index != NULL) {
@@ -69,8 +68,7 @@
return 1;
}
- size_t i;
- for (i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
+ for (size_t i = 0; i < sk_SSL_CUSTOM_EXTENSION_num(stack); i++) {
const SSL_CUSTOM_EXTENSION *ext = sk_SSL_CUSTOM_EXTENSION_value(stack, i);
if (ssl->server &&
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 712c63b..5ea29da 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -217,7 +217,6 @@
* and |frag->reassembly| must not be NULL. */
static void dtls1_hm_fragment_mark(hm_fragment *frag, size_t start,
size_t end) {
- size_t i;
size_t msg_len = frag->msg_len;
if (frag->reassembly == NULL || start > end || end > msg_len) {
@@ -231,7 +230,7 @@
frag->reassembly[start >> 3] |= bit_range(start & 7, end & 7);
} else {
frag->reassembly[start >> 3] |= bit_range(start & 7, 8);
- for (i = (start >> 3) + 1; i < (end >> 3); i++) {
+ for (size_t i = (start >> 3) + 1; i < (end >> 3); i++) {
frag->reassembly[i] = 0xff;
}
if ((end & 7) != 0) {
@@ -240,7 +239,7 @@
}
/* Check if the fragment is complete. */
- for (i = 0; i < (msg_len >> 3); i++) {
+ for (size_t i = 0; i < (msg_len >> 3); i++) {
if (frag->reassembly[i] != 0xff) {
return;
}
@@ -681,8 +680,7 @@
}
void dtls_clear_outgoing_messages(SSL *ssl) {
- size_t i;
- for (i = 0; i < ssl->d1->outgoing_messages_len; i++) {
+ for (size_t i = 0; i < ssl->d1->outgoing_messages_len; i++) {
OPENSSL_free(ssl->d1->outgoing_messages[i].data);
ssl->d1->outgoing_messages[i].data = NULL;
}
@@ -816,8 +814,7 @@
assert(ssl_is_wbio_buffered(ssl));
int ret = -1;
- size_t i;
- for (i = 0; i < ssl->d1->outgoing_messages_len; i++) {
+ for (size_t i = 0; i < ssl->d1->outgoing_messages_len; i++) {
if (dtls1_retransmit_message(ssl, &ssl->d1->outgoing_messages[i]) <= 0) {
goto err;
}
diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index b0a25e0..36a070b 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -594,8 +594,7 @@
STACK_OF(SSL_CIPHER) *ciphers = SSL_get_ciphers(ssl);
int any_enabled = 0;
- size_t i;
- for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+ for (size_t i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(ciphers, i);
/* Skip disabled ciphers */
if ((cipher->algorithm_mkey & ssl->cert->mask_k) ||
diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c
index d2fe749..c48ea6c 100644
--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c
@@ -1145,8 +1145,7 @@
int have_ecdsa_sign = 0;
const uint16_t *sig_algs;
size_t sig_algs_len = tls12_get_psigalgs(ssl, &sig_algs);
- size_t i;
- for (i = 0; i < sig_algs_len; i++) {
+ for (size_t i = 0; i < sig_algs_len; i++) {
switch (sig_algs[i]) {
case SSL_SIGN_RSA_PKCS1_SHA512:
case SSL_SIGN_RSA_PKCS1_SHA384:
@@ -1494,8 +1493,7 @@
size_t padding_len = decrypt_len - premaster_secret_len;
uint8_t good = constant_time_eq_int_8(decrypt_buf[0], 0) &
constant_time_eq_int_8(decrypt_buf[1], 2);
- size_t i;
- for (i = 2; i < padding_len - 1; i++) {
+ for (size_t i = 2; i < padding_len - 1; i++) {
good &= ~constant_time_is_zero_8(decrypt_buf[i]);
}
good &= constant_time_is_zero_8(decrypt_buf[padding_len - 1]);
@@ -1509,7 +1507,7 @@
/* Select, in constant time, either the decrypted premaster or the random
* premaster based on |good|. */
- for (i = 0; i < premaster_secret_len; i++) {
+ for (size_t i = 0; i < premaster_secret_len; i++) {
premaster_secret[i] = constant_time_select_8(
good, decrypt_buf[padding_len + i], premaster_secret[i]);
}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 408d5de..3378526 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -252,7 +252,6 @@
const struct ssl_cipher_preference_list_st *server_pref) {
const SSL_CIPHER *c, *ret = NULL;
STACK_OF(SSL_CIPHER) *srvr = server_pref->ciphers, *prio, *allow;
- size_t i;
int ok;
size_t cipher_index;
uint32_t alg_k, alg_a, mask_k, mask_a;
@@ -282,7 +281,7 @@
ssl_get_compatible_server_ciphers(ssl, &mask_k, &mask_a);
- for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
+ for (size_t i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
c = sk_SSL_CIPHER_value(prio, i);
ok = 1;
diff --git a/ssl/ssl_aead_ctx.c b/ssl/ssl_aead_ctx.c
index e5bfe86..0f6f64f 100644
--- a/ssl/ssl_aead_ctx.c
+++ b/ssl/ssl_aead_ctx.c
@@ -229,8 +229,7 @@
/* XOR the fixed nonce, if necessary. */
if (aead->xor_fixed_nonce) {
assert(nonce_len == aead->fixed_nonce_len);
- size_t i;
- for (i = 0; i < aead->fixed_nonce_len; i++) {
+ for (size_t i = 0; i < aead->fixed_nonce_len; i++) {
nonce[i] ^= aead->fixed_nonce[i];
}
}
@@ -316,8 +315,7 @@
/* XOR the fixed nonce, if necessary. */
if (aead->xor_fixed_nonce) {
assert(nonce_len == aead->fixed_nonce_len);
- size_t i;
- for (i = 0; i < aead->fixed_nonce_len; i++) {
+ for (size_t i = 0; i < aead->fixed_nonce_len; i++) {
nonce[i] ^= aead->fixed_nonce[i];
}
}
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 4409f35..6395a00 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -340,8 +340,7 @@
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto err;
}
- size_t i;
- for (i = 0; i < sk_X509_num(in->cert_chain); i++) {
+ for (size_t i = 0; i < sk_X509_num(in->cert_chain); i++) {
if (!ssl_add_cert_to_cbb(&child, sk_X509_value(in->cert_chain, i))) {
goto err;
}
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index e770279..0c5a7af 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -364,8 +364,7 @@
return NULL;
}
- size_t i;
- for (i = 0; i < sk_X509_NAME_num(list); i++) {
+ for (size_t i = 0; i < sk_X509_NAME_num(list); i++) {
X509_NAME *name = X509_NAME_dup(sk_X509_NAME_value(list, i));
if (name == NULL || !sk_X509_NAME_push(ret, name)) {
X509_NAME_free(name);
@@ -544,8 +543,7 @@
return 0;
}
- size_t i;
- for (i = 0; i < sk_X509_num(chain); i++) {
+ for (size_t i = 0; i < sk_X509_num(chain); i++) {
x = sk_X509_value(chain, i);
if (!ssl_add_cert_with_length(&child, x)) {
return 0;
@@ -562,8 +560,7 @@
/* Don't leave errors in the queue */
ERR_clear_error();
- size_t i;
- for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
+ for (size_t i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
x = sk_X509_value(xs_ctx.chain, i);
if (!ssl_add_cert_with_length(&child, x)) {
X509_STORE_CTX_cleanup(&xs_ctx);
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index e58d889..ea274ad 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1047,8 +1047,7 @@
/* The set of ciphers is static, but some subset may be unsupported by
* |ssl_method|, so the list may be smaller. */
size_t co_list_num = 0;
- size_t i;
- for (i = 0; i < kCiphersLen; i++) {
+ for (size_t i = 0; i < kCiphersLen; i++) {
const SSL_CIPHER *cipher = &kCiphers[i];
if (ssl_method->supports_cipher(cipher)) {
co_list[co_list_num].cipher = cipher;
@@ -1067,7 +1066,7 @@
if (co_list_num > 1) {
co_list[0].next = &co_list[1];
- for (i = 1; i < co_list_num - 1; i++) {
+ for (size_t i = 1; i < co_list_num - 1; i++) {
co_list[i].prev = &co_list[i - 1];
co_list[i].next = &co_list[i + 1];
}
diff --git a/ssl/ssl_ecdh.c b/ssl/ssl_ecdh.c
index 079ddb5..16599e4 100644
--- a/ssl/ssl_ecdh.c
+++ b/ssl/ssl_ecdh.c
@@ -504,8 +504,7 @@
};
static const SSL_ECDH_METHOD *method_from_group_id(uint16_t group_id) {
- size_t i;
- for (i = 0; i < OPENSSL_ARRAY_SIZE(kMethods); i++) {
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMethods); i++) {
if (kMethods[i].group_id == group_id) {
return &kMethods[i];
}
@@ -514,8 +513,7 @@
}
static const SSL_ECDH_METHOD *method_from_nid(int nid) {
- size_t i;
- for (i = 0; i < OPENSSL_ARRAY_SIZE(kMethods); i++) {
+ for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kMethods); i++) {
if (kMethods[i].nid == nid) {
return &kMethods[i];
}
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index bdc1074..04a1411 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2533,13 +2533,12 @@
static int cbb_add_hex(CBB *cbb, const uint8_t *in, size_t in_len) {
static const char hextable[] = "0123456789abcdef";
uint8_t *out;
- size_t i;
if (!CBB_add_space(cbb, &out, in_len * 2)) {
return 0;
}
- for (i = 0; i < in_len; i++) {
+ for (size_t i = 0; i < in_len; i++) {
*(out++) = (uint8_t)hextable[in[i] >> 4];
*(out++) = (uint8_t)hextable[in[i] & 0xf];
}
@@ -2708,9 +2707,8 @@
* as a min/max range by picking the lowest contiguous non-empty range of
* enabled protocols. Note that this means it is impossible to set a maximum
* version of the higest supported TLS version in a future-proof way. */
- size_t i;
int any_enabled = 0;
- for (i = 0; i < kVersionsLen; i++) {
+ for (size_t i = 0; i < kVersionsLen; i++) {
/* Only look at the versions already enabled. */
if (min_version > kVersions[i].version) {
continue;
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 03db0e6..ab4b663 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -382,14 +382,13 @@
int tls1_set_curves(uint16_t **out_group_ids, size_t *out_group_ids_len,
const int *curves, size_t ncurves) {
uint16_t *group_ids;
- size_t i;
group_ids = OPENSSL_malloc(ncurves * sizeof(uint16_t));
if (group_ids == NULL) {
return 0;
}
- for (i = 0; i < ncurves; i++) {
+ for (size_t i = 0; i < ncurves; i++) {
if (!ssl_nid_to_group_id(&group_ids[i], curves[i])) {
OPENSSL_free(group_ids);
return 0;
@@ -1739,8 +1738,7 @@
return 0;
}
- size_t i;
- for (i = 0; i < num_profiles; i++) {
+ for (size_t i = 0; i < num_profiles; i++) {
if (!CBB_add_u16(&profile_ids,
sk_SRTP_PROTECTION_PROFILE_value(profiles, i)->id)) {
return 0;
@@ -1787,8 +1785,7 @@
/* Check to see if the server gave us something we support (and presumably
* offered). */
- size_t i;
- for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(profiles); i++) {
+ for (size_t i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(profiles); i++) {
const SRTP_PROTECTION_PROFILE *profile =
sk_SRTP_PROTECTION_PROFILE_value(profiles, i);
@@ -1823,8 +1820,7 @@
SSL_get_srtp_profiles(ssl);
/* Pick the server's most preferred profile. */
- size_t i;
- for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(server_profiles); i++) {
+ for (size_t i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(server_profiles); i++) {
const SRTP_PROTECTION_PROFILE *server_profile =
sk_SRTP_PROTECTION_PROFILE_value(server_profiles, i);
@@ -1877,8 +1873,7 @@
const STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(ssl);
- size_t i;
- for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
+ for (size_t i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(cipher_stack, i);
const uint32_t alg_k = cipher->algorithm_mkey;
@@ -2279,8 +2274,7 @@
size_t groups_len;
tls1_get_grouplist(ssl, 0, &groups, &groups_len);
- size_t i;
- for (i = 0; i < groups_len; i++) {
+ for (size_t i = 0; i < groups_len; i++) {
if (!CBB_add_u16(&groups_bytes, groups[i])) {
return 0;
}
@@ -2318,8 +2312,7 @@
}
const size_t num_groups = CBS_len(&supported_group_list) / 2;
- size_t i;
- for (i = 0; i < num_groups; i++) {
+ for (size_t i = 0; i < num_groups; i++) {
if (!CBS_get_u16(&supported_group_list,
&ssl->s3->tmp.peer_supported_group_list[i])) {
goto err;
@@ -2524,14 +2517,13 @@
ssl->s3->tmp.extensions.sent = 0;
ssl->s3->tmp.custom_extensions.sent = 0;
- size_t i;
- for (i = 0; i < kNumExtensions; i++) {
+ for (size_t i = 0; i < kNumExtensions; i++) {
if (kExtensions[i].init != NULL) {
kExtensions[i].init(ssl);
}
}
- for (i = 0; i < kNumExtensions; i++) {
+ for (size_t i = 0; i < kNumExtensions; i++) {
const size_t len_before = CBB_len(&extensions);
if (!kExtensions[i].add_clienthello(ssl, &extensions)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_ERROR_ADDING_EXTENSION);
@@ -2787,8 +2779,7 @@
}
}
- size_t i;
- for (i = 0; i < kNumExtensions; i++) {
+ for (size_t i = 0; i < kNumExtensions; i++) {
if (!(received & (1u << i))) {
/* Extension wasn't observed so call the callback with a NULL
* parameter. */
diff --git a/ssl/tls_record.c b/ssl/tls_record.c
index 133fc8e..8915b39 100644
--- a/ssl/tls_record.c
+++ b/ssl/tls_record.c
@@ -139,8 +139,7 @@
}
int ssl_record_sequence_update(uint8_t *seq, size_t seq_len) {
- size_t i;
- for (i = seq_len - 1; i < seq_len; i--) {
+ for (size_t i = seq_len - 1; i < seq_len; i--) {
++seq[i];
if (seq[i] != 0) {
return 1;
