avoid promoting an unsigned short to an int before comparing it

`self->mm` is an unsigned short. `self->kk` is an unsigned short. `self->mm - self->kk` is promoted to an int. `i` is a size_t (a long unsigned int). `i < self->mm - self->kk` is `(long unsigned int) < (int)` is a compiler warning about comparing types with different signedness. `self->mm - self->kk` is never a negative overflow because `self->kk > self->mm` is not allowed by the constructor. Thus `self->mm - self->kk` is 0 at the smallest. long unsigned int is larger than unsigned short so neither `(size_t)self->mm` nor `(size_t)self->kk` is a positive overflow. Since there is no positive overflow on cast and there is no chance of negative values `(size_t)self->mm - (size_t)self->kk` has the same value as `self->mm - self->kk`.
tahoe-lafs · Jan 31, 2022 · 3eea2c0 · 3eea2c0
1 parent 1d312ef
commit 3eea2c0
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/zfec/_fecmodule.c b/zfec/_fecmodule.c
@@ -134,7 +134,7 @@ Encoder_encode(Encoder *self, PyObject *args) {
     if (!PyArg_ParseTuple(args, "O|O:Encoder.encode", &inblocks, &desired_blocks_nums))
         return NULL;
 
-    for (i = 0; i < self->mm - self->kk; i++)
+    for (i = 0; i < (size_t)self->mm - (size_t)self->kk; i++)
         pystrs_produced[i] = NULL;
 
     if (desired_blocks_nums) {