Resolve a small handful of size_t truncation warnings.
This is very far from all of it, but I did some easy ones before I got bored. Snapshot the progress until someone else wants to continue this. BUG=22 Change-Id: I2609e9766d883a273e53e01a75a4b1d4700e2436 Reviewed-on: https://boringssl-review.googlesource.com/9132 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
parent
b9195402b4
commit
22edd87755
@ -111,7 +111,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
|
|||||||
|
|
||||||
if (sizeof(ctx->data) - ctx->data_used > in_len) {
|
if (sizeof(ctx->data) - ctx->data_used > in_len) {
|
||||||
memcpy(&ctx->data[ctx->data_used], in, in_len);
|
memcpy(&ctx->data[ctx->data_used], in, in_len);
|
||||||
ctx->data_used += in_len;
|
ctx->data_used += (unsigned)in_len;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -152,14 +152,14 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
|
|||||||
memcpy(ctx->data, in, in_len);
|
memcpy(ctx->data, in, in_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx->data_used = in_len;
|
ctx->data_used = (unsigned)in_len;
|
||||||
|
|
||||||
if (total > INT_MAX) {
|
if (total > INT_MAX) {
|
||||||
/* We cannot signal an error, but we can at least avoid making *out_len
|
/* We cannot signal an error, but we can at least avoid making *out_len
|
||||||
* negative. */
|
* negative. */
|
||||||
total = 0;
|
total = 0;
|
||||||
}
|
}
|
||||||
*out_len = total;
|
*out_len = (int)total;
|
||||||
}
|
}
|
||||||
|
|
||||||
void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len) {
|
void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len) {
|
||||||
@ -172,7 +172,11 @@ void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len) {
|
|||||||
out[encoded++] = '\n';
|
out[encoded++] = '\n';
|
||||||
out[encoded] = '\0';
|
out[encoded] = '\0';
|
||||||
ctx->data_used = 0;
|
ctx->data_used = 0;
|
||||||
*out_len = encoded;
|
|
||||||
|
/* ctx->data_used is bounded by sizeof(ctx->data), so this does not
|
||||||
|
* overflow. */
|
||||||
|
assert(encoded <= INT_MAX);
|
||||||
|
*out_len = (int)encoded;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t EVP_EncodeBlock(uint8_t *dst, const uint8_t *src, size_t src_len) {
|
size_t EVP_EncodeBlock(uint8_t *dst, const uint8_t *src, size_t src_len) {
|
||||||
@ -344,7 +348,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, uint8_t *out, int *out_len,
|
|||||||
*out_len = 0;
|
*out_len = 0;
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
*out_len = bytes_out;
|
*out_len = (int)bytes_out;
|
||||||
|
|
||||||
if (ctx->eof_seen) {
|
if (ctx->eof_seen) {
|
||||||
return 0;
|
return 0;
|
||||||
@ -434,5 +438,5 @@ int EVP_DecodeBlock(uint8_t *dst, const uint8_t *src, size_t src_len) {
|
|||||||
}
|
}
|
||||||
assert(dst_len <= INT_MAX);
|
assert(dst_len <= INT_MAX);
|
||||||
|
|
||||||
return dst_len;
|
return (int)dst_len;
|
||||||
}
|
}
|
||||||
|
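Review bot: In EVP_DecodeBlock the narrowing `return (int)dst_len;` is guarded only by `assert(dst_len <= INT_MAX);`, which is compiled out when NDEBUG is defined, so a release build could hand the caller a truncated or negative length for a very large input. EVP_EncodeUpdate, earlier in this section, covers the equivalent case with a runtime clamp (`if (total > INT_MAX)`). A runtime check before the cast, `if (dst_len > INT_MAX) { return -1; }`, would hold in every build, assuming -1 is this function's failure value (its error paths are outside the hunk). The same question applies to `*out_len = (int)bytes_out;` in EVP_DecodeUpdate, where no bound on `bytes_out` is visible in the hunk.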
@ -221,7 +221,7 @@ int CBB_flush(CBB *cbb) {
|
|||||||
/* For ASN.1 we assume that we'll only need a single byte for the length.
|
/* For ASN.1 we assume that we'll only need a single byte for the length.
|
||||||
* If that turned out to be incorrect, we have to move the contents along
|
* If that turned out to be incorrect, we have to move the contents along
|
||||||
* in order to make space. */
|
* in order to make space. */
|
||||||
size_t len_len;
|
uint8_t len_len;
|
||||||
uint8_t initial_length_byte;
|
uint8_t initial_length_byte;
|
||||||
|
|
||||||
assert (cbb->child->pending_len_len == 1);
|
assert (cbb->child->pending_len_len == 1);
|
||||||
@ -243,7 +243,7 @@ int CBB_flush(CBB *cbb) {
|
|||||||
initial_length_byte = 0x80 | 1;
|
initial_length_byte = 0x80 | 1;
|
||||||
} else {
|
} else {
|
||||||
len_len = 1;
|
len_len = 1;
|
||||||
initial_length_byte = len;
|
initial_length_byte = (uint8_t)len;
|
||||||
len = 0;
|
len = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -262,7 +262,7 @@ int CBB_flush(CBB *cbb) {
|
|||||||
|
|
||||||
for (i = cbb->child->pending_len_len - 1; i < cbb->child->pending_len_len;
|
for (i = cbb->child->pending_len_len - 1; i < cbb->child->pending_len_len;
|
||||||
i--) {
|
i--) {
|
||||||
cbb->base->buf[cbb->child->offset + i] = len;
|
cbb->base->buf[cbb->child->offset + i] = (uint8_t)len;
|
||||||
len >>= 8;
|
len >>= 8;
|
||||||
}
|
}
|
||||||
if (len != 0) {
|
if (len != 0) {
|
||||||
@ -292,7 +292,7 @@ size_t CBB_len(const CBB *cbb) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents,
|
static int cbb_add_length_prefixed(CBB *cbb, CBB *out_contents,
|
||||||
size_t len_len) {
|
uint8_t len_len) {
|
||||||
uint8_t *prefix_bytes;
|
uint8_t *prefix_bytes;
|
||||||
|
|
||||||
if (!CBB_flush(cbb)) {
|
if (!CBB_flush(cbb)) {
|
||||||
|
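Review bot: The two `(uint8_t)len` casts added in CBB_flush mean different things, and neither says so. In the `else` branch, `initial_length_byte = (uint8_t)len;` is value-preserving only if the branch conditions above (outside this hunk) limit `len` to the single-byte short form, whereas in the loop `cbb->base->buf[cbb->child->offset + i] = (uint8_t)len;` deliberately keeps the low byte and relies on the following `if (len != 0)` check to catch a length that does not fit. A one-line comment on each would keep a later reader from treating them alike, for example `/* len fits the short form here, so the cast cannot truncate. */` and `/* Intentionally store the low byte; the rest is shifted in on later iterations. */`. CBB_flush starts and ends outside these hunks.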
@ -263,10 +263,10 @@ static int aead_ssl3_open(const EVP_AEAD_CTX *ctx, uint8_t *out,
|
|||||||
total += len;
|
total += len;
|
||||||
assert(total == in_len);
|
assert(total == in_len);
|
||||||
|
|
||||||
/* Remove CBC padding and MAC. This would normally be timing-sensitive, but SSLv3 CBC
|
/* Remove CBC padding and MAC. This would normally be timing-sensitive, but
|
||||||
* ciphers are already broken. Support will be removed eventually.
|
* SSLv3 CBC ciphers are already broken. Support will be removed eventually.
|
||||||
* https://www.openssl.org/~bodo/ssl-poodle.pdf */
|
* https://www.openssl.org/~bodo/ssl-poodle.pdf */
|
||||||
unsigned data_len;
|
size_t data_len;
|
||||||
if (EVP_CIPHER_CTX_mode(&ssl3_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE) {
|
if (EVP_CIPHER_CTX_mode(&ssl3_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE) {
|
||||||
unsigned padding_length = out[total - 1];
|
unsigned padding_length = out[total - 1];
|
||||||
if (total < padding_length + 1 + mac_len) {
|
if (total < padding_length + 1 + mac_len) {
|
||||||
|
@ -66,6 +66,7 @@
|
|||||||
|
|
||||||
#include <openssl/ecdh.h>
|
#include <openssl/ecdh.h>
|
||||||
|
|
||||||
|
#include <limits.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
@ -142,7 +143,12 @@ int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
|
|||||||
memcpy(out, buf, outlen);
|
memcpy(out, buf, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = outlen;
|
if (outlen > INT_MAX) {
|
||||||
|
OPENSSL_PUT_ERROR(ECDH, ERR_R_OVERFLOW);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = (int)outlen;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
OPENSSL_free(buf);
|
OPENSSL_free(buf);
|
||||||
|
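Review bot: The new `outlen > INT_MAX` check in ECDH_compute_key runs after `memcpy(out, buf, outlen);`, so on the overflow path the function reports failure while the caller's buffer already holds the derived output. The check depends only on the `outlen` argument, so it can move to the top of the function, before any computation or allocation: `if (outlen > INT_MAX) { OPENSSL_PUT_ERROR(ECDH, ERR_R_OVERFLOW); return -1; }`. The `-1` assumes the function's existing failure value, which is initialised outside this hunk. The function body starts and ends outside the hunk.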
@ -215,10 +215,14 @@ int OBJ_obj2nid(const ASN1_OBJECT *obj) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
int OBJ_cbs2nid(const CBS *cbs) {
|
int OBJ_cbs2nid(const CBS *cbs) {
|
||||||
|
if (CBS_len(cbs) > INT_MAX) {
|
||||||
|
return NID_undef;
|
||||||
|
}
|
||||||
|
|
||||||
ASN1_OBJECT obj;
|
ASN1_OBJECT obj;
|
||||||
memset(&obj, 0, sizeof(obj));
|
memset(&obj, 0, sizeof(obj));
|
||||||
obj.data = CBS_data(cbs);
|
obj.data = CBS_data(cbs);
|
||||||
obj.length = CBS_len(cbs);
|
obj.length = (int)CBS_len(cbs);
|
||||||
|
|
||||||
return OBJ_obj2nid(&obj);
|
return OBJ_obj2nid(&obj);
|
||||||
}
|
}
|
||||||
|
@ -217,9 +217,9 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (state->buf_used) {
|
if (state->buf_used) {
|
||||||
unsigned int todo = 16 - state->buf_used;
|
unsigned todo = 16 - state->buf_used;
|
||||||
if (todo > in_len) {
|
if (todo > in_len) {
|
||||||
todo = in_len;
|
todo = (unsigned)in_len;
|
||||||
}
|
}
|
||||||
for (i = 0; i < todo; i++) {
|
for (i = 0; i < todo; i++) {
|
||||||
state->buf[state->buf_used + i] = in[i];
|
state->buf[state->buf_used + i] = in[i];
|
||||||
@ -245,7 +245,7 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in,
|
|||||||
for (i = 0; i < in_len; i++) {
|
for (i = 0; i < in_len; i++) {
|
||||||
state->buf[i] = in[i];
|
state->buf[i] = in[i];
|
||||||
}
|
}
|
||||||
state->buf_used = in_len;
|
state->buf_used = (unsigned)in_len;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -39,7 +39,7 @@ void CRYPTO_sysrand(uint8_t *out, size_t requested) {
|
|||||||
while (requested > 0) {
|
while (requested > 0) {
|
||||||
ULONG output_bytes_this_pass = ULONG_MAX;
|
ULONG output_bytes_this_pass = ULONG_MAX;
|
||||||
if (requested < output_bytes_this_pass) {
|
if (requested < output_bytes_this_pass) {
|
||||||
output_bytes_this_pass = requested;
|
output_bytes_this_pass = (ULONG)requested;
|
||||||
}
|
}
|
||||||
if (RtlGenRandom(out, output_bytes_this_pass) == FALSE) {
|
if (RtlGenRandom(out, output_bytes_this_pass) == FALSE) {
|
||||||
abort();
|
abort();
|
||||||
|
@ -100,7 +100,7 @@ typedef struct stack_st {
|
|||||||
void **data;
|
void **data;
|
||||||
/* sorted is non-zero if the values pointed to by |data| are in ascending
|
/* sorted is non-zero if the values pointed to by |data| are in ascending
|
||||||
* order, based on |comp|. */
|
* order, based on |comp|. */
|
||||||
size_t sorted;
|
int sorted;
|
||||||
/* num_alloc contains the number of pointers allocated in the buffer pointed
|
/* num_alloc contains the number of pointers allocated in the buffer pointed
|
||||||
* to by |data|, which may be larger than |num|. */
|
* to by |data|, which may be larger than |num|. */
|
||||||
size_t num_alloc;
|
size_t num_alloc;
|
||||||
|