提交 e3c9727f 编写于 作者: M Matt Caswell

Resolve some outstanding size_t related TODOs

Reviewed-by: NRich Salz <rsalz@openssl.org>
上级 d736bc1a
......@@ -418,6 +418,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
unsigned char aad[13];
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
size_t packlen;
int packleni;
/* minimize address aliasing conflicts */
if ((max_send_fragment & 0xfff) == 0)
......@@ -476,12 +477,11 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
mb_param.inp = aad;
mb_param.len = nw;
/* TODO: CHECK ME - CAN THIS EVER BE NEGATIVE???? */
packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
packleni = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
sizeof(mb_param), &mb_param);
if (packlen <= 0 || packlen > wb->len) { /* never happens */
packlen = (size_t)packleni;
if (packleni <= 0 || packlen > wb->len) { /* never happens */
/* free jumbo buffer */
ssl3_release_write_buffer(s);
break;
......
......@@ -202,7 +202,6 @@ int ssl3_get_record(SSL *s)
ssl_minor = *(p++);
version = (ssl_major << 8) | ssl_minor;
rr[num_recs].rec_version = version;
/* TODO(size_t): CHECK ME */
n2s(p, rr[num_recs].length);
/* Lets check version */
......@@ -1108,7 +1107,6 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send)
* 1: if the padding was valid
* -1: otherwise.
*/
/* TODO(size_t): Convert me */
int ssl3_cbc_remove_padding(SSL3_RECORD *rec,
size_t block_size, size_t mac_size)
{
......@@ -1123,7 +1121,6 @@ int ssl3_cbc_remove_padding(SSL3_RECORD *rec,
return 0;
padding_length = rec->data[rec->length - 1];
/* TODO(size_t): size_t constant_time ? */
good = constant_time_ge(rec->length, padding_length + overhead);
/* SSLv3 requires that the padding is minimal. */
good &= constant_time_ge(block_size, padding_length + 1);
......@@ -1176,7 +1173,6 @@ int tls1_cbc_remove_padding(const SSL *s,
return 1;
}
/* TODO(size_t): size_t constant_time?? */
good = constant_time_ge(rec->length, overhead + padding_length);
/*
* The padding consists of a length byte at the end of the record and
......@@ -1279,7 +1275,6 @@ void ssl3_cbc_copy_mac(unsigned char *out,
memset(rotated_mac, 0, md_size);
for (i = scan_start, j = 0; i < rec->orig_len; i++) {
/* TODO(size_t): should we have constant_time variants for size_t? */
unsigned char mac_started = constant_time_ge_8(i, mac_start);
unsigned char mac_ended = constant_time_ge_8(i, mac_end);
unsigned char b = rec->data[i];
......@@ -1587,7 +1582,6 @@ int dtls1_get_record(SSL *s)
memcpy(&(RECORD_LAYER_get_read_sequence(&s->rlayer)[2]), p, 6);
p += 6;
/* TODO(size_t): CHECK ME */
n2s(p, rr->length);
/* Lets check version */
......
......@@ -214,11 +214,6 @@ int dtls1_do_write(SSL *s, int type)
else
len = s->init_num;
/* Shouldn't ever happen */
/* TODO(size_t): can this go now? */
if (len > INT_MAX)
len = INT_MAX;
/*
* XDTLS: this function is too long. split out the CCS part
*/
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册