From 9003d50cffac4362b1c52ff49609e246564034ba Mon Sep 17 00:00:00 2001 From: Michael Drake Date: Sat, 20 Sep 2025 17:03:09 +0100 Subject: [PATCH 1/2] parse: language: Unsigned difference expression compared to zero Squash CodeQL `cpp/unsigned-difference-expression-compared-zero` issues. This rule finds relational comparisons between the result of an unsigned subtraction and the value `0`. Such comparisons are likely to be wrong as the value of an unsigned subtraction can never be negative. So the relational comparison ends up checking whether the result of the subtraction is equal to 0. This is probably not what the programmer intended. --- src/parse/language.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/parse/language.c b/src/parse/language.c index 936ab3d..2121a05 100644 --- a/src/parse/language.c +++ b/src/parse/language.c @@ -1194,7 +1194,7 @@ css_error parseNth(css_language *c, data[consumed] != 'N')) return CSS_INVALID; - if (len - (++consumed) > 0) { + if (++consumed < len) { if (data[consumed] != '-') return CSS_INVALID; @@ -1202,7 +1202,7 @@ css_error parseNth(css_language *c, sign = -1; had_sign = true; - if (len - (++consumed) > 0) { + if (++consumed < len) { size_t bstart; /* Reject additional sign */ From 1e6c3d3075f25e09a49de342cdad1b2c46a0893a Mon Sep 17 00:00:00 2001 From: Michael Drake Date: Sat, 20 Sep 2025 17:07:21 +0100 Subject: [PATCH 2/2] lex: Unsigned difference expression compared to zero Squash CodeQL `cpp/unsigned-difference-expression-compared-zero` issue. This rule finds relational comparisons between the result of an unsigned subtraction and the value `0`. Such comparisons are likely to be wrong as the value of an unsigned subtraction can never be negative. So the relational comparison ends up checking whether the result of the subtraction is equal to 0. This is probably not what the programmer intended. --- src/lex/lex.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lex/lex.c b/src/lex/lex.c index 5269db3..36cc5d5 100644 --- a/src/lex/lex.c +++ b/src/lex/lex.c @@ -881,7 +881,7 @@ css_error Hash(css_lexer *lexer, css_token **token) return error; /* Require at least one NMChar otherwise, we're just a raw '#' */ - if (lexer->bytesReadForToken - lexer->context.origBytes > 0) + if (lexer->bytesReadForToken > lexer->context.origBytes) return emitToken(lexer, CSS_TOKEN_HASH, token); return emitToken(lexer, CSS_TOKEN_CHAR, token);