From f91719c41ecf96fe661a3fa03b5d22b8e6d52402 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Mon, 15 Nov 2021 13:10:02 -0800
Subject: [PATCH] bearssl: Remove unnecessary CA blob length check

BearSSL APIs take a size_t length parameter, so unlike OpenSSL,
there is no conversion to int and no reason to check that it's less
than INT_MAX.
---
 lib/vtls/bearssl.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c
index 934149c..32d9a5b 100644
--- a/lib/vtls/bearssl.c
+++ b/lib/vtls/bearssl.c
@@ -133,9 +133,6 @@ static CURLcode load_cafile(struct cafile_source *source,
       return CURLE_SSL_CACERT_BADFILE;
   }
 
-  if(source->type == CAFILE_SOURCE_BLOB && source->len > (size_t)INT_MAX)
-    return CURLE_SSL_CACERT_BADFILE;
-
   ca.err = CURLE_OK;
   ca.in_cert = FALSE;
   ca.anchors = NULL;
-- 
2.42.0