From f31b0693aa8847a47bb715bc836a08802c5e7410 Mon Sep 17 00:00:00 2001
From: Philipp Hofmann <philipp.hofmann@sentry.io>
Date: Tue, 15 Oct 2024 16:31:03 +0200
Subject: [PATCH] fix: Use UInts in envelope deserialization (#4441)

Use unsigned integers for the indexes for accessing envelope data to
eliminate the risk of negative indices.
---
 CHANGELOG.md                         | 2 ++
 Sources/Sentry/SentrySerialization.m | 8 ++++----
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d87ef6a1a3..09bf1b9a91 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,11 +20,13 @@ via the option `swizzleClassNameExclude`.
 - Swizzling RootUIViewController if ignored by `swizzleClassNameExclude` (#4407)
 - Data race in SentrySwizzleInfo.originalCalled (#4434)
 
+
 ### Improvements
 
 - Serializing profile on a BG Thread (#4377) to avoid potentially slightly blocking the main thread.
 - Session Replay performance for SwiftUI (#4419)
 - Speed up getBinaryImages (#4435) for finishing transactions and capturing events
+- Use UInts in envelope deserialization (#4441)
 
 ## 8.38.0
 
diff --git a/Sources/Sentry/SentrySerialization.m b/Sources/Sentry/SentrySerialization.m
index c43f047e2b..da006ef9e1 100644
--- a/Sources/Sentry/SentrySerialization.m
+++ b/Sources/Sentry/SentrySerialization.m
@@ -82,9 +82,9 @@ + (SentryEnvelope *_Nullable)envelopeWithData:(NSData *)data
 {
     SentryEnvelopeHeader *envelopeHeader = nil;
     const unsigned char *bytes = [data bytes];
-    int envelopeHeaderIndex = 0;
+    NSUInteger envelopeHeaderIndex = 0;
 
-    for (int i = 0; i < data.length; ++i) {
+    for (NSUInteger i = 0; i < data.length; ++i) {
         if (bytes[i] == '\n') {
             envelopeHeaderIndex = i;
             // Envelope header end
@@ -142,12 +142,12 @@ + (SentryEnvelope *_Nullable)envelopeWithData:(NSData *)data
     }
 
     // Parse items
-    NSInteger itemHeaderStart = envelopeHeaderIndex + 1;
+    NSUInteger itemHeaderStart = envelopeHeaderIndex + 1;
 
     NSMutableArray<SentryEnvelopeItem *> *items = [NSMutableArray new];
     NSUInteger endOfEnvelope = data.length - 1;
 
-    for (NSInteger i = itemHeaderStart; i <= endOfEnvelope; ++i) {
+    for (NSUInteger i = itemHeaderStart; i <= endOfEnvelope; ++i) {
         if (bytes[i] == '\n' || i == endOfEnvelope) {
 
             NSData *itemHeaderData =