Re: Fix infinite loop from setting scram_iterations to INT_MAX

On Sun, Mar 23, 2025 at 10:41 PM Kevin K Biju <kevinkbiju@gmail.com> wrote:
> int i;
> ...
> for (i = 2; i <= iterations; i++)
> {
>     ...
> }
>
> For iterations = INT_MAX, the loop will never terminate since the condition is <= and adding 1 to INT_MAX will lead
toi wrapping around to INT_MIN. 
>
> I've fixed this by modifying the loop condition to be i < iterations. I've attached a patch with the fix. I
consideredadding a test as well, but since generating a password with a high number of iterations is very
time-consuming,I'm not sure if that would be practical. 

Nice catch.  The fix looks good to me.  It seems to me that it's fine
to go without a test case, since the fix is quite straightforward.

Thanks
Richard