# HG changeset patch
# User David Kilzer <ddkilzer@apple.com>
# Date 1663799428 25200
#      Wed Sep 21 15:30:28 2022 -0700
# Node ID a32efe0d6327b9dbfa5f689ea381294699f1f775
# Parent  baece50b8f398cb89e3d38c8187ec1d654175a7a
xsltEvalUserParams() and xsltQuoteUserParams() are susceptible to integer overflow when iterating through const char** array

* libxslt/variables.c:
(xsltEvalUserParams):
(xsltQuoteUserParams):
- Prevent integer overflow by changing the type of `indx`
  variables from `int` to `size_t`.

diff --git a/libxslt/variables.c b/libxslt/variables.c
--- a/libxslt/variables.c
+++ b/libxslt/variables.c
@@ -1683,7 +1683,7 @@
 
 int
 xsltEvalUserParams(xsltTransformContextPtr ctxt, const char **params) {
-    int indx = 0;
+    size_t indx = 0;
     const xmlChar *name;
     const xmlChar *value;
 
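Review bot: The new `size_t indx = 0;` in xsltEvalUserParams (and the identical line in the xsltQuoteUserParams hunk below) carries no comment saying why the index is unsigned, so a later cleanup could quietly turn it back into `int` and reintroduce the signed-overflow undefined behaviour. I would add `/* size_t: params is a caller-supplied NULL-terminated array of unknown length; an int index could overflow */` above both declarations. Both loop bodies lie outside the hunks. If they read a name and a value with two increments per pass, as the name/value declarations suggest, an array with an odd number of entries would step over the NULL terminator regardless of the index type. A guard such as `if (params[indx] == NULL) break;` before the value is read would close that gap.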
@@ -1713,7 +1713,7 @@
 
 int
 xsltQuoteUserParams(xsltTransformContextPtr ctxt, const char **params) {
-    int indx = 0;
+    size_t indx = 0;
     const xmlChar *name;
     const xmlChar *value;