summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/common/compat.c2
-rw-r--r--src/common/crypto.c53
-rw-r--r--src/common/crypto.h2
-rw-r--r--src/common/ht.h5
-rw-r--r--src/common/mempool.c7
-rw-r--r--src/common/torgzip.c18
-rw-r--r--src/common/tortls.c10
-rw-r--r--src/common/util.c22
-rw-r--r--src/or/test.c4
9 files changed, 75 insertions, 48 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index 378ba06232..efe2b01886 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1112,7 +1112,7 @@ tor_inet_pton(int af, const char *src, void *dst)
return 0;
if (TOR_ISXDIGIT(*src)) {
char *next;
- int r = strtol(src, &next, 16);
+ long r = strtol(src, &next, 16);
if (next > 4+src)
return 0;
if (next == src)
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 34d19d94ba..35f2beaf88 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -816,8 +816,8 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
size_t fromlen,
int padding, int force)
{
- int overhead, outlen, r, symlen;
- size_t pkeylen;
+ int overhead, outlen, r;
+ size_t pkeylen, symlen;
crypto_cipher_env_t *cipher = NULL;
char *buf = NULL;
@@ -867,7 +867,8 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
memset(buf, 0, pkeylen);
tor_free(buf);
crypto_free_cipher_env(cipher);
- return outlen + symlen;
+ tor_assert(outlen+symlen < INT_MAX);
+ return (int)(outlen + symlen);
err:
if (buf) {
memset(buf, 0, pkeylen);
@@ -921,7 +922,8 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
memset(buf,0,pkeylen);
tor_free(buf);
crypto_free_cipher_env(cipher);
- return outlen + (fromlen-pkeylen);
+ tor_assert(outlen + fromlen < INT_MAX);
+ return (int)(outlen + (fromlen-pkeylen));
err:
memset(buf,0,pkeylen);
tor_free(buf);
@@ -1211,6 +1213,7 @@ crypto_cipher_encrypt_with_iv(crypto_cipher_env_t *cipher,
tor_assert(cipher);
tor_assert(from);
tor_assert(to);
+ tor_assert(fromlen < INT_MAX);
if (fromlen < 1)
return -1;
@@ -1221,7 +1224,7 @@ crypto_cipher_encrypt_with_iv(crypto_cipher_env_t *cipher,
if (crypto_cipher_set_iv(cipher, to)<0)
return -1;
crypto_cipher_encrypt(cipher, to+CIPHER_IV_LEN, from, fromlen);
- return fromlen + CIPHER_IV_LEN;
+ return (int)(fromlen + CIPHER_IV_LEN);
}
/** Decrypt <b>fromlen</b> bytes (at least 1+CIPHER_IV_LEN) from <b>from</b>
@@ -1241,6 +1244,7 @@ crypto_cipher_decrypt_with_iv(crypto_cipher_env_t *cipher,
tor_assert(cipher);
tor_assert(from);
tor_assert(to);
+ tor_assert(fromlen < INT_MAX);
if (fromlen <= CIPHER_IV_LEN)
return -1;
@@ -1250,7 +1254,7 @@ crypto_cipher_decrypt_with_iv(crypto_cipher_env_t *cipher,
if (crypto_cipher_set_iv(cipher, from)<0)
return -1;
crypto_cipher_encrypt(cipher, to, from+CIPHER_IV_LEN, fromlen-CIPHER_IV_LEN);
- return fromlen - CIPHER_IV_LEN;
+ return (int)(fromlen - CIPHER_IV_LEN);
}
/* SHA-1 */
@@ -1362,7 +1366,9 @@ crypto_hmac_sha1(char *hmac_out,
const char *key, size_t key_len,
const char *msg, size_t msg_len)
{
- HMAC(EVP_sha1(), key, key_len, (unsigned char*)msg, msg_len,
+ tor_assert(key_len < INT_MAX);
+ tor_assert(msg_len < INT_MAX);
+ HMAC(EVP_sha1(), key, (int)key_len, (unsigned char*)msg, (int)msg_len,
(unsigned char*)hmac_out, NULL);
}
@@ -1548,7 +1554,7 @@ tor_check_dh_key(BIGNUM *bn)
* SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
* where || is concatenation.)
*/
-int
+ssize_t
crypto_dh_compute_secret(crypto_dh_env_t *dh,
const char *pubkey, size_t pubkey_len,
char *secret_out, size_t secret_bytes_out)
@@ -1559,8 +1565,10 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
int result=0;
tor_assert(dh);
tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
+ tor_assert(pubkey_len < INT_MAX);
- if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey, pubkey_len, NULL)))
+ if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey,
+ (int)pubkey_len, NULL)))
goto error;
if (tor_check_dh_key(pubkey_bn)<0) {
/* Check for invalid public keys. */
@@ -1721,10 +1729,11 @@ crypto_seed_rng(void)
close(fd);
if (n != sizeof(buf)) {
log_warn(LD_CRYPTO,
- "Error reading from entropy source (read only %d bytes).", n);
+ "Error reading from entropy source (read only %lu bytes).",
+ (unsigned long)n);
return -1;
}
- RAND_seed(buf, sizeof(buf));
+ RAND_seed(buf, (int)sizeof(buf));
memset(buf, 0, sizeof(buf));
return 0;
}
@@ -1741,8 +1750,9 @@ int
crypto_rand(char *to, size_t n)
{
int r;
+ tor_assert(n < INT_MAX);
tor_assert(to);
- r = RAND_bytes((unsigned char*)to, n);
+ r = RAND_bytes((unsigned char*)to, (int)n);
if (r == 0)
crypto_log_errors(LOG_WARN, "generating random data");
return (r == 1) ? 0 : -1;
@@ -1801,7 +1811,8 @@ crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix,
const char *suffix)
{
char *result, *rand_bytes;
- int randlen, resultlen, rand_bytes_len, prefixlen;
+ int randlen, rand_bytes_len;
+ size_t resultlen, prefixlen;
tor_assert(max_rand_len >= min_rand_len);
randlen = min_rand_len + crypto_rand_int(max_rand_len - min_rand_len + 1);
@@ -1829,8 +1840,7 @@ crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix,
void *
smartlist_choose(const smartlist_t *sl)
{
- size_t len;
- len = smartlist_len(sl);
+ int len = smartlist_len(sl);
if (len)
return smartlist_get(sl,crypto_rand_int(len));
return NULL; /* no elements to choose from */
@@ -1863,6 +1873,7 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
* it ever shows up in the profile. */
EVP_ENCODE_CTX ctx;
int len, ret;
+ tor_assert(srclen < INT_MAX);
/* 48 bytes of input -> 64 bytes of output plus newline.
Plus one more byte, in case I'm wrong.
@@ -1874,7 +1885,7 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
EVP_EncodeInit(&ctx);
EVP_EncodeUpdate(&ctx, (unsigned char*)dest, &len,
- (unsigned char*)src, srclen);
+ (unsigned char*)src, (int)srclen);
EVP_EncodeFinal(&ctx, (unsigned char*)(dest+len), &ret);
ret += len;
return ret;
@@ -2004,8 +2015,9 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
}
tor_assert((dest-dest_orig) <= (ssize_t)destlen);
+ tor_assert((dest-dest_orig) <= INT_MAX);
- return dest-dest_orig;
+ return (int)(dest-dest_orig);
#endif
}
#undef X
@@ -2056,8 +2068,8 @@ digest_from_base64(char *digest, const char *d64)
void
base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
{
- unsigned int nbits, i, bit, v, u;
- nbits = srclen * 8;
+ unsigned int i, bit, v, u;
+ size_t nbits = srclen * 8;
tor_assert((nbits%5) == 0); /* We need an even multiple of 5 bits. */
tor_assert((nbits/5)+1 <= destlen); /* We need enough space. */
@@ -2082,7 +2094,8 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
{
/* XXXX we might want to rewrite this along the lines of base64_decode, if
* it ever shows up in the profile. */
- unsigned int nbits, i, j, bit;
+ unsigned int i, j, bit;
+ size_t nbits;
char *tmp;
nbits = srclen * 5;
diff --git a/src/common/crypto.h b/src/common/crypto.h
index bc47813889..f25bc89947 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -158,7 +158,7 @@ int crypto_dh_get_bytes(crypto_dh_env_t *dh);
int crypto_dh_generate_public(crypto_dh_env_t *dh);
int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
size_t pubkey_out_len);
-int crypto_dh_compute_secret(crypto_dh_env_t *dh,
+ssize_t crypto_dh_compute_secret(crypto_dh_env_t *dh,
const char *pubkey, size_t pubkey_len,
char *secret_out, size_t secret_out_len);
void crypto_dh_free(crypto_dh_env_t *dh);
diff --git a/src/common/ht.h b/src/common/ht.h
index 61792cb8b4..762f836bd3 100644
--- a/src/common/ht.h
+++ b/src/common/ht.h
@@ -90,7 +90,8 @@ ht_string_hash(const char *s)
while (*cp) {
h = (1000003*h) ^ *cp++;
}
- h ^= (cp-(const unsigned char*)s);
+ /* This conversion truncates the length of the string, but that's ok. */
+ h ^= (unsigned)(cp-(const unsigned char*)s);
return h;
}
@@ -287,7 +288,7 @@ ht_string_hash(const char *s)
805306457, 1610612741 \
}; \
static unsigned name##_N_PRIMES = \
- sizeof(name##_PRIMES)/sizeof(name##_PRIMES[0]); \
+ (unsigned)(sizeof(name##_PRIMES)/sizeof(name##_PRIMES[0])); \
/* Expand the internal table of 'head' until it is large enough to \
* hold 'size' elements. Return 0 on success, -1 on allocation \
* failure. */ \
diff --git a/src/common/mempool.c b/src/common/mempool.c
index 7c8092de71..6a41d220fe 100644
--- a/src/common/mempool.c
+++ b/src/common/mempool.c
@@ -358,7 +358,7 @@ mp_pool_t *
mp_pool_new(size_t item_size, size_t chunk_capacity)
{
mp_pool_t *pool;
- size_t alloc_size;
+ size_t alloc_size, new_chunk_cap;
pool = ALLOC(sizeof(mp_pool_t));
CHECK_ALLOC(pool);
@@ -393,7 +393,10 @@ mp_pool_new(size_t item_size, size_t chunk_capacity)
if (chunk_capacity < MIN_CHUNK)
chunk_capacity = MIN_CHUNK;
- pool->new_chunk_capacity = (chunk_capacity-CHUNK_OVERHEAD) / alloc_size;
+ new_chunk_cap = (chunk_capacity-CHUNK_OVERHEAD) / alloc_size;
+ tor_assert(new_chunk_cap < INT_MAX);
+ pool->new_chunk_capacity = (int)new_chunk_cap;
+
pool->item_alloc_size = alloc_size;
log_debug(LD_MM, "Capacity is %lu, item size is %lu, alloc size is %lu",
diff --git a/src/common/torgzip.c b/src/common/torgzip.c
index 40c01ba682..d1289443e2 100644
--- a/src/common/torgzip.c
+++ b/src/common/torgzip.c
@@ -77,6 +77,7 @@ tor_gzip_compress(char **out, size_t *out_len,
tor_assert(out);
tor_assert(out_len);
tor_assert(in);
+ tor_assert(in_len < UINT_MAX);
if (method == GZIP_METHOD && !is_gzip_supported()) {
/* Old zlib version don't support gzip in deflateInit2 */
@@ -91,7 +92,7 @@ tor_gzip_compress(char **out, size_t *out_len,
stream->zfree = Z_NULL;
stream->opaque = NULL;
stream->next_in = (unsigned char*) in;
- stream->avail_in = in_len;
+ stream->avail_in = (unsigned int)in_len;
if (deflateInit2(stream, Z_BEST_COMPRESSION, Z_DEFLATED,
method_bits(method),
@@ -106,7 +107,7 @@ tor_gzip_compress(char **out, size_t *out_len,
if (out_size < 1024) out_size = 1024;
*out = tor_malloc(out_size);
stream->next_out = (unsigned char*)*out;
- stream->avail_out = out_size;
+ stream->avail_out = (unsigned int)out_size;
while (1) {
switch (deflate(stream, Z_FINISH))
@@ -190,6 +191,7 @@ tor_gzip_uncompress(char **out, size_t *out_len,
tor_assert(out);
tor_assert(out_len);
tor_assert(in);
+ tor_assert(in_len < UINT_MAX);
if (method == GZIP_METHOD && !is_gzip_supported()) {
/* Old zlib version don't support gzip in inflateInit2 */
@@ -204,7 +206,7 @@ tor_gzip_uncompress(char **out, size_t *out_len,
stream->zfree = Z_NULL;
stream->opaque = NULL;
stream->next_in = (unsigned char*) in;
- stream->avail_in = in_len;
+ stream->avail_in = (unsigned int)in_len;
if (inflateInit2(stream,
method_bits(method)) != Z_OK) {
@@ -215,10 +217,12 @@ tor_gzip_uncompress(char **out, size_t *out_len,
out_size = in_len * 2; /* guess 50% compression. */
if (out_size < 1024) out_size = 1024;
+ if (out_size > UINT_MAX)
+ goto err;
*out = tor_malloc(out_size);
stream->next_out = (unsigned char*)*out;
- stream->avail_out = out_size;
+ stream->avail_out = (unsigned int)out_size;
while (1) {
switch (inflate(stream, complete_only ? Z_FINISH : Z_SYNC_FLUSH))
@@ -372,10 +376,12 @@ tor_zlib_process(tor_zlib_state_t *state,
int finish)
{
int err;
+ tor_assert(*in_len <= UINT_MAX);
+ tor_assert(*out_len <= UINT_MAX);
state->stream.next_in = (unsigned char*) *in;
- state->stream.avail_in = *in_len;
+ state->stream.avail_in = (unsigned int)*in_len;
state->stream.next_out = (unsigned char*) *out;
- state->stream.avail_out = *out_len;
+ state->stream.avail_out = (unsigned int)*out_len;
if (state->compress) {
err = deflate(&state->stream, finish ? Z_FINISH : Z_SYNC_FLUSH);
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 2918ab288e..8690231e65 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -111,7 +111,7 @@ static INLINE unsigned int
tor_tls_entry_hash(const tor_tls_t *a)
{
#if SIZEOF_INT == SIZEOF_VOID_P
- return ((unsigned int)a->ssl);
+ return ((unsigned int)(uintptr_t)a->ssl);
#else
return (unsigned int) ((((uint64_t)a->ssl)>>2) & UINT_MAX);
#endif
@@ -162,7 +162,7 @@ static int tls_library_is_initialized = 0;
static void
tls_log_errors(tor_tls_t *tls, int severity, const char *doing)
{
- int err;
+ unsigned long err;
const char *msg, *lib, *func, *addr;
addr = tls ? tls->address : NULL;
while ((err = ERR_get_error()) != 0) {
@@ -841,7 +841,8 @@ tor_tls_read(tor_tls_t *tls, char *cp, size_t len)
tor_assert(tls);
tor_assert(tls->ssl);
tor_assert(tls->state == TOR_TLS_ST_OPEN);
- r = SSL_read(tls->ssl, cp, len);
+ tor_assert(len<INT_MAX);
+ r = SSL_read(tls->ssl, cp, (int)len);
if (r > 0) {
#ifdef V2_HANDSHAKE_SERVER
if (tls->got_renegotiate) {
@@ -878,6 +879,7 @@ tor_tls_write(tor_tls_t *tls, const char *cp, size_t n)
tor_assert(tls);
tor_assert(tls->ssl);
tor_assert(tls->state == TOR_TLS_ST_OPEN);
+ tor_assert(n < INT_MAX);
if (n == 0)
return 0;
if (tls->wantwrite_n) {
@@ -888,7 +890,7 @@ tor_tls_write(tor_tls_t *tls, const char *cp, size_t n)
n = tls->wantwrite_n;
tls->wantwrite_n = 0;
}
- r = SSL_write(tls->ssl, cp, n);
+ r = SSL_write(tls->ssl, cp, (int)n);
err = tor_tls_get_error(tls, r, 0, "writing", LOG_INFO);
if (err == TOR_TLS_DONE) {
return r;
diff --git a/src/common/util.c b/src/common/util.c
index 3578dd666a..e263908c19 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1327,7 +1327,7 @@ int
write_all(int fd, const char *buf, size_t count, int isSocket)
{
size_t written = 0;
- int result;
+ ssize_t result;
tor_assert(count < INT_MAX); /*XXXX021 make returnval an ssize_t */
while (written != count) {
@@ -1350,10 +1350,11 @@ write_all(int fd, const char *buf, size_t count, int isSocket)
int
read_all(int fd, char *buf, size_t count, int isSocket)
{
+ /*XXXX021 return ssize_t. */
size_t numread = 0;
- int result;
+ ssize_t result;
- if (count > SIZE_T_CEILING)
+ if (count > SIZE_T_CEILING || count > INT_MAX)
return -1;
while (numread != count) {
@@ -1367,7 +1368,7 @@ read_all(int fd, char *buf, size_t count, int isSocket)
break;
numread += result;
}
- return numread;
+ return (int)numread;
}
/*
@@ -2373,7 +2374,7 @@ parse_port_range(const char *port, uint16_t *port_min_out,
port_max = 65535;
} else {
char *endptr = NULL;
- port_min = tor_parse_long(port, 10, 0, 65535, &ok, &endptr);
+ port_min = (int)tor_parse_long(port, 10, 0, 65535, &ok, &endptr);
if (!ok) {
log_warn(LD_GENERAL,
"Malformed port %s on address range; rejecting.",
@@ -2382,7 +2383,7 @@ parse_port_range(const char *port, uint16_t *port_min_out,
} else if (endptr && *endptr == '-') {
port = endptr+1;
endptr = NULL;
- port_max = tor_parse_long(port, 10, 1, 65536, &ok, &endptr);
+ port_max = (int)tor_parse_long(port, 10, 1, 65536, &ok, &endptr);
if (!ok) {
log_warn(LD_GENERAL,
"Malformed port %s on address range; rejecting.",
@@ -2933,20 +2934,20 @@ get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
memset(addr, 0, sizeof(tor_addr_t));
memset(&target_addr, 0, sizeof(target_addr));
- my_addr_len = sizeof(my_addr);
+ my_addr_len = (socklen_t)sizeof(my_addr);
((struct sockaddr_in*)&target_addr)->sin_port = 9; /* DISGARD port */
/* Don't worry: no packets are sent. We just need to use a real address
* on the actual internet. */
if (family == AF_INET6) {
struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)&target_addr;
sock = tor_open_socket(PF_INET6,SOCK_DGRAM,IPPROTO_UDP);
- my_addr_len = sizeof(struct sockaddr_in6);
+ my_addr_len = (socklen_t)sizeof(struct sockaddr_in6);
sin6->sin6_family = AF_INET6;
S6_ADDR16(sin6->sin6_addr)[0] = htons(0x2002); /* 2002:: */
} else if (family == AF_INET) {
struct sockaddr_in *sin = (struct sockaddr_in*)&target_addr;
sock = tor_open_socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP);
- my_addr_len = sizeof(struct sockaddr_in);
+ my_addr_len = (socklen_t)sizeof(struct sockaddr_in);
sin->sin_family = AF_INET;
sin->sin_addr.s_addr = htonl(0x12000001); /* 18.0.0.1 */
} else {
@@ -2959,7 +2960,8 @@ get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
goto err;
}
- if (connect(sock,(struct sockaddr *)&target_addr,sizeof(target_addr))<0) {
+ if (connect(sock,(struct sockaddr *)&target_addr,
+ (socklen_t)sizeof(target_addr))<0) {
int e = tor_socket_errno(sock);
log_fn(severity, LD_NET, "connect() failed: %s", tor_socket_strerror(e));
goto err;
diff --git a/src/or/test.c b/src/or/test.c
index c209db55bb..b0dcc26594 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -770,10 +770,10 @@ test_util(void)
/* Test tor_strstrip() */
strlcpy(buf, "Testing 1 2 3", sizeof(buf));
- test_eq(0, tor_strstrip(buf, ",!"));
+ tor_strstrip(buf, ",!");
test_streq(buf, "Testing 1 2 3");
strlcpy(buf, "!Testing 1 2 3?", sizeof(buf));
- test_eq(5, tor_strstrip(buf, "!? "));
+ tor_strstrip(buf, "!? ");
test_streq(buf, "Testing123");
/* Test parse_addr_port */