From 613a76fb86294aa9ebff172932978c67b4d3cc3d Mon Sep 17 00:00:00 2001
From: Nikias Bassen
Date: Wed, 29 Oct 2025 16:43:35 +0100
Subject: xplist: Fix possible integer overflow

Thanks to @ylwango613 for reporting
---
 src/xplist.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/xplist.c b/src/xplist.c
index 66e1dba..7e39ea4 100644
--- a/src/xplist.c
+++ b/src/xplist.c
@@ -1066,7 +1066,7 @@ static plist_err_t node_from_xml(parse_ctx ctx, plist_t *plist)
                 ctx->err++;
                 goto err_out;
             }
-            int taglen = ctx->pos - p;
+            size_t taglen = ctx->pos - p;
             tag = (char*)malloc(taglen + 1);
             strncpy(tag, p, taglen);
             tag[taglen] = '\0';
@@ -1084,7 +1084,7 @@ static plist_err_t node_from_xml(parse_ctx ctx, plist_t *plist)
                 goto err_out;
             }
             if (*(ctx->pos-1) == '/') {
-                int idx = ctx->pos - p - 1;
+                size_t idx = ctx->pos - p - 1;
                 if (idx < taglen)
                     tag[idx] = '\0';
                 is_empty = 1;
-- 
cgit v1.1-32-gdbae