Make sure that 'source_length' can not be negative in case of error.

src/codesign_sign.c

@@ -205,7 +205,7 @@ int MAIN(int argc, CHAR_T *argv[])
         goto clean_up;
     }
 
-    if (EVP_EncodeBlock((unsigned char*)base64, output, output_length) != base64_length)
+    if (int2uint(EVP_EncodeBlock((unsigned char*)base64, output, output_length)) != base64_length)
     {
         fputs("Error: Failed to encode signature to Base64!\n\n", stderr);
         goto clean_up;

src/codesign_verify.c

@@ -176,8 +176,8 @@ int MAIN(int argc, CHAR_T *argv[])
         goto clean_up;
     }
 
-    source_length = EVP_DecodeBlock(source, (unsigned char*)base64, base64_length);
-    if ((int)source_length <= 0)
+    source_length = int2uint(EVP_DecodeBlock(source, (unsigned char*)base64, base64_length));
+    if (!(source_length > 0U))
     {
         fputs("Error: Failed to decode signature data from Base64 format!\n\n", stderr);
         goto clean_up;

src/common.c

@@ -40,6 +40,15 @@ void print_license(void)
     fputs("Please see http://www.muldersoft.com for additional information.\n\n", stderr);
 }
 
+/*-------------------------------------------------------*/
+/* int2uint()                                            */
+/*-------------------------------------------------------*/
+
+unsigned int int2uint(const int value)
+{
+    return (value < 0) ? 0U : ((unsigned int)value);
+}
+
 /*-------------------------------------------------------*/
 /* convert_wchar_to_UTF8()                               */
 /*-------------------------------------------------------*/

src/common.h

@@ -14,6 +14,7 @@
 
 void print_logo(const char *const app_name);
 void print_license(void);
+unsigned int int2uint(const int value);
 char *convert_CHAR_to_UTF8(const CHAR_T *str);
 char *read_line_from_file(FILE *const file, const int trim);
 uint64_t get_current_time_usec(void);