Coverity claims: ``` *** CID 1439330: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /src/lib/crypt_ops/crypto_rsa.c: 554 in crypto_pk_read_private_key_from_filename() 548 const char *keyfile) 549 { 550 struct stat st; 551 char *buf = read_file_to_str(keyfile, 0, &st); 552 if (!buf) 553 return -1; CID 1439330: Integer handling issues (CONSTANT_EXPRESSION_RESULT) "st.st_size > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of "if". 554 if (st.st_size > SSIZE_MAX) 555 return -1; 556 557 int rv = crypto_pk_read_private_key_from_string(env, buf, 558 (ssize_t)st.st_size); 559 memwipe(buf, 0, (size_t)st.st_size); ``` But st_size is off_t, and the POSIX standard doesn't require a particular size for off_t: ``` blkcnt_t and off_t shall be signed integer types. ``` http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_types.h.html#tag_13_67 In particular, some 32-bit pointer (SSIZE_MAX) operating systems may have a 64-bit file off_t. (I know that at least one BSD does, and I suspect that macOS and Linux also do in their 64-bit file size modes.)