| author | Sebastian Thiel <[email protected]> | 2017-03-06 10:14:39 +0100 |
|---|---|---|
| committer | Sebastian Thiel <[email protected]> | 2017-03-06 10:14:39 +0100 |
| commit | ec2685347c8eba32234a14c4fdc81d6ce83dc97d (patch) | |
| tree | 2dedf0ba10ec21c5bbf2a4f23a68d89152036cdc /openssl/src/stack.rs | |
| parent | Add test to run into issue with stack.len() (diff) | |
Fix for empty stacks
The culprit is that `sk_num(stack)` can return -1
as c_int if there is no stack allocated.
Previously, thanks to unsafe casts, this would result in
an isize::max() for len() and iteration size if there was no stack.
Now this case is handled specifically, which fixes the issue.
Diffstat (limited to 'openssl/src/stack.rs')
| -rw-r--r-- | openssl/src/stack.rs | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/openssl/src/stack.rs b/openssl/src/stack.rs
index 268afde7..d9795a51 100644
--- a/openssl/src/stack.rs
+++ b/openssl/src/stack.rs
@@ -116,7 +116,7 @@ pub struct IntoIter<T: Stackable> {
 impl<T: Stackable> IntoIter<T> {
 fn stack_len(&self) -> c_int {
- unsafe { OPENSSL_sk_num(self.stack as *mut _) }
+ safe_stack_size(self.stack as *mut _) as c_int
 }
 }
@@ -154,6 +154,15 @@ impl<T: Stackable> ExactSizeIterator for IntoIter<T> {}
 pub struct StackRef<T: Stackable>(Opaque, PhantomData<T>);
+fn safe_stack_size(stack: *mut OPENSSL_STACK) -> usize {
+ let l = unsafe { OPENSSL_sk_num(stack) as isize };
+ if l < 0 {
+ 0
+ } else {
+ l as usize
+ }
+}
+
 impl<T: Stackable> ForeignTypeRef for StackRef<T> {
 type CType = T::StackType;
 }
@@ -165,7 +174,7 @@ impl<T: Stackable> StackRef<T> {
 /// Returns the number of items in the stack
 pub fn len(&self) -> usize {
- unsafe { OPENSSL_sk_num(self.as_stack()) as usize }
+ safe_stack_size(self.as_stack())
 }
 pub fn iter(&self) -> Iter<T> { |
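Review bot: In the first hunk, `stack_len` now takes the count through c_int → isize → usize → c_int, and the closing `as c_int` is a narrowing cast that is lossless only because the value started out as a non-negative c_int. Clamping at the call site keeps one type throughout and needs no cast: `std::cmp::max(0, unsafe { OPENSSL_sk_num(self.stack as *mut _) })`. If the helper is kept, a short comment on the cast saying why it cannot truncate would help the next reader. How `stack_len` is consumed by the iterator lies outside the hunk.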
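Review bot: `safe_stack_size` in the second hunk is a safe `fn` that passes whatever raw pointer it is given to `OPENSSL_sk_num`, so nothing in the signature stops a later caller in this module from handing it a dangling pointer, and the `safe_` prefix suggests a guarantee it does not provide. Either declare it `unsafe fn` with a `# Safety` section, or keep it private and state the invariant on the block: `// SAFETY: callers pass null or a live OPENSSL_STACK; sk_num reports -1 for null, which is mapped to 0`. A one-line doc comment saying that a negative count means no stack is allocated would also make it clear the clamp is deliberate rather than an error being swallowed.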
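Review bot: The doc comment on `len` in the third hunk still reads as if a stack always exists, while the new code reports 0 for an unallocated stack, which a caller cannot tell apart from an allocated but empty one. I would spell that out: `/// Returns the number of items in the stack, or 0 if no stack is allocated.` The rest of `impl StackRef` is outside the hunk, so whether the other accessors tolerate the unallocated case cannot be checked from here.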