From e3c9727fece7bd73469e14796f579c4dc5209cdb Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 4 Oct 2016 21:42:28 +0100 Subject: [PATCH] Resolve some outstanding size_t related TODOs Reviewed-by: Rich Salz --- ssl/record/rec_layer_s3.c | 8 ++++---- ssl/record/ssl3_record.c | 6 ------ ssl/statem/statem_dtls.c | 5 ----- 3 files changed, 4 insertions(+), 15 deletions(-) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 9c3a097420..c74799598d 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -418,6 +418,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len, unsigned char aad[13]; EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param; size_t packlen; + int packleni; /* minimize address aliasing conflicts */ if ((max_send_fragment & 0xfff) == 0) @@ -476,12 +477,11 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len, mb_param.inp = aad; mb_param.len = nw; - /* TODO: CHECK ME - CAN THIS EVER BE NEGATIVE???? */ - packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, + packleni = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx, EVP_CTRL_TLS1_1_MULTIBLOCK_AAD, sizeof(mb_param), &mb_param); - - if (packlen <= 0 || packlen > wb->len) { /* never happens */ + packlen = (size_t)packleni; + if (packleni <= 0 || packlen > wb->len) { /* never happens */ /* free jumbo buffer */ ssl3_release_write_buffer(s); break; diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 780ff1c6ab..aea5ff0910 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -202,7 +202,6 @@ int ssl3_get_record(SSL *s) ssl_minor = *(p++); version = (ssl_major << 8) | ssl_minor; rr[num_recs].rec_version = version; - /* TODO(size_t): CHECK ME */ n2s(p, rr[num_recs].length); /* Lets check version */ @@ -1108,7 +1107,6 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send) * 1: if the padding was valid * -1: otherwise. */ - /* TODO(size_t): Convert me */ int ssl3_cbc_remove_padding(SSL3_RECORD *rec, size_t block_size, size_t mac_size) { @@ -1123,7 +1121,6 @@ int ssl3_cbc_remove_padding(SSL3_RECORD *rec, return 0; padding_length = rec->data[rec->length - 1]; - /* TODO(size_t): size_t constant_time ? */ good = constant_time_ge(rec->length, padding_length + overhead); /* SSLv3 requires that the padding is minimal. */ good &= constant_time_ge(block_size, padding_length + 1); @@ -1176,7 +1173,6 @@ int tls1_cbc_remove_padding(const SSL *s, return 1; } - /* TODO(size_t): size_t constant_time?? */ good = constant_time_ge(rec->length, overhead + padding_length); /* * The padding consists of a length byte at the end of the record and @@ -1279,7 +1275,6 @@ void ssl3_cbc_copy_mac(unsigned char *out, memset(rotated_mac, 0, md_size); for (i = scan_start, j = 0; i < rec->orig_len; i++) { - /* TODO(size_t): should we have constant_time variants for size_t? */ unsigned char mac_started = constant_time_ge_8(i, mac_start); unsigned char mac_ended = constant_time_ge_8(i, mac_end); unsigned char b = rec->data[i]; @@ -1587,7 +1582,6 @@ int dtls1_get_record(SSL *s) memcpy(&(RECORD_LAYER_get_read_sequence(&s->rlayer)[2]), p, 6); p += 6; - /* TODO(size_t): CHECK ME */ n2s(p, rr->length); /* Lets check version */ diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index a651e65fab..6053a58b9c 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -214,11 +214,6 @@ int dtls1_do_write(SSL *s, int type) else len = s->init_num; - /* Shouldn't ever happen */ - /* TODO(size_t): can this go now? */ - if (len > INT_MAX) - len = INT_MAX; - /* * XDTLS: this function is too long. split out the CCS part */ -- GitLab