From a001e19882733dcda6049d409fe2f39c56db6a33 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 15 Jul 2024 12:06:08 +0200
Subject: [PATCH] dh-gex: Avoid theoretical integer underflow

The coverity thinks the best_nlines could be 0 for logging at the end of the
function. It is obvious that the 0 is immediately incremented. Changing the code
to do this in one step to make it easier to understand for static analyzers.

 ** CID 1548873:  Integer handling issues  (INTEGER_OVERFLOW)

Thanks coverity

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
---
 src/dh-gex.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/dh-gex.c b/src/dh-gex.c
index e37fef00..d9eb0d2f 100644
--- a/src/dh-gex.c
+++ b/src/dh-gex.c
@@ -450,10 +450,9 @@ static int ssh_retrieve_dhgroup_file(FILE *moduli,
         proposed_size = size + 1;
         if (proposed_size != *best_size &&
             dhgroup_better_size(pmin, pn, pmax, *best_size, proposed_size)) {
-            best_nlines = 0;
+            best_nlines = 1;
             *best_size = proposed_size;
-        }
-        if (proposed_size == *best_size) {
+        } else if (proposed_size == *best_size) {
             best_nlines++;
         }