Miscellaneous -Wshorten-64-to-32 fixes.

Bug: 516 Change-Id: Iba2014da414658c08e42e0993912fa73848832d3 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/54945 Reviewed-by: Bob Beck <bbe@google.com> Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com>
2 years ago · 9d64d8d237
parent 671ccb1a98
commit 9d64d8d237
15 changed files with 66 additions and 57 deletions
--- a/crypto/bio/bio.c
+++ b/crypto/bio/bio.c
@ -192,7 +192,13 @@ int BIO_write_all(BIO *bio, const void *data, size_t len) {
 }

 int BIO_puts(BIO *bio, const char *in) {
-  return BIO_write(bio, in, strlen(in));
+  size_t len = strlen(in);
+  if (len > INT_MAX) {
+    // |BIO_write| and the return value both assume the string fits in |int|.
+    OPENSSL_PUT_ERROR(BIO, ERR_R_OVERFLOW);
+    return -1;
+  }
+  return BIO_write(bio, in, (int)len);
 }

 int BIO_flush(BIO *bio) {
--- a/crypto/bio/fd.c
+++ b/crypto/bio/fd.c
@ -158,7 +158,7 @@ static int fd_free(BIO *bio) {
 static int fd_read(BIO *b, char *out, int outl) {
  int ret = 0;

-  ret = BORINGSSL_READ(b->num, out, outl);
+  ret = (int)BORINGSSL_READ(b->num, out, outl);
  BIO_clear_retry_flags(b);
  if (ret <= 0) {
    if (bio_fd_should_retry(ret)) {
@ -170,7 +170,7 @@ static int fd_read(BIO *b, char *out, int outl) {
 }

 static int fd_write(BIO *b, const char *in, int inl) {
-  int ret = BORINGSSL_WRITE(b->num, in, inl);
+  int ret = (int)BORINGSSL_WRITE(b->num, in, inl);
  BIO_clear_retry_flags(b);
  if (ret <= 0) {
    if (bio_fd_should_retry(ret)) {
--- a/crypto/bio/socket.c
+++ b/crypto/bio/socket.c
@ -101,7 +101,7 @@ static int sock_read(BIO *b, char *out, int outl) {
 #if defined(OPENSSL_WINDOWS)
  int ret = recv(b->num, out, outl, 0);
 #else
-  int ret = read(b->num, out, outl);
+  int ret = (int)read(b->num, out, outl);
 #endif
  BIO_clear_retry_flags(b);
  if (ret <= 0) {
@ -113,13 +113,11 @@ static int sock_read(BIO *b, char *out, int outl) {
 }

 static int sock_write(BIO *b, const char *in, int inl) {
-  int ret;
-
  bio_clear_socket_error();
 #if defined(OPENSSL_WINDOWS)
-  ret = send(b->num, in, inl, 0);
+  int ret = send(b->num, in, inl, 0);
 #else
-  ret = write(b->num, in, inl);
+  int ret = (int)write(b->num, in, inl);
 #endif
  BIO_clear_retry_flags(b);
  if (ret <= 0) {
--- a/crypto/cipher_extra/aead_test.cc
+++ b/crypto/cipher_extra/aead_test.cc
@ -12,6 +12,7 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <assert.h>
 #include <stdint.h>
 #include <string.h>

@ -48,13 +49,8 @@ constexpr uint32_t kNondeterministic = 1 << 7;

 // RequiresADLength encodes an AD length requirement into flags.
 constexpr uint32_t RequiresADLength(size_t length) {
-  // If we had a more recent C++ version we could assert that the length is
-  // sufficiently small with:
-  //
-  // if (length >= 16) {
-  //  __builtin_unreachable();
-  // }
-  return (length & 0xf) << 3;
+  assert(length < 16);
+  return static_cast<uint32_t>((length & 0xf) << 3);
 }

 // RequiredADLength returns the AD length requirement encoded in |flags|, or
@ -64,9 +60,8 @@ constexpr size_t RequiredADLength(uint32_t flags) {
 }

 constexpr uint32_t RequiresMinimumTagLength(size_t length) {
-  // See above for statically checking the size at compile time with future C++
-  // versions.
-  return (length & 0xf) << 8;
+  assert(length < 16);
+  return static_cast<uint32_t>((length & 0xf) << 8);
 }

 constexpr size_t MinimumTagLength(uint32_t flags) {
--- a/crypto/cipher_extra/e_chacha20poly1305.c
+++ b/crypto/cipher_extra/e_chacha20poly1305.c
@ -145,7 +145,7 @@ static int chacha20_poly1305_seal_scatter(
  // encrypted byte-by-byte first.
  if (extra_in_len) {
    static const size_t kChaChaBlockSize = 64;
-    uint32_t block_counter = 1 + (in_len / kChaChaBlockSize);
+    uint32_t block_counter = (uint32_t)(1 + (in_len / kChaChaBlockSize));
    size_t offset = in_len % kChaChaBlockSize;
    uint8_t block[64 /* kChaChaBlockSize */];

--- a/crypto/dsa/dsa.c
+++ b/crypto/dsa/dsa.c
@ -217,16 +217,14 @@ int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, const uint8_t *seed_in,
  BIGNUM *g = NULL, *q = NULL, *p = NULL;
  BN_MONT_CTX *mont = NULL;
  int k, n = 0, m = 0;
-  unsigned i;
  int counter = 0;
  int r = 0;
  BN_CTX *ctx = NULL;
  unsigned int h = 2;
-  unsigned qsize;
  const EVP_MD *evpmd;

  evpmd = (bits >= 2048) ? EVP_sha256() : EVP_sha1();
-  qsize = EVP_MD_size(evpmd);
+  size_t qsize = EVP_MD_size(evpmd);

  if (bits < 512) {
    bits = 512;
@ -235,10 +233,10 @@ int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, const uint8_t *seed_in,
  bits = (bits + 63) / 64 * 64;

  if (seed_in != NULL) {
-    if (seed_len < (size_t)qsize) {
+    if (seed_len < qsize) {
      return 0;
    }
-    if (seed_len > (size_t)qsize) {
+    if (seed_len > qsize) {
      // Only consume as much seed as is expected.
      seed_len = qsize;
    }
@ -284,7 +282,7 @@ int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, const uint8_t *seed_in,
      OPENSSL_memcpy(buf, seed, qsize);
      OPENSSL_memcpy(buf2, seed, qsize);
      // precompute "SEED + 1" for step 7:
-      for (i = qsize - 1; i < qsize; i--) {
+      for (size_t i = qsize - 1; i < qsize; i--) {
        buf[i]++;
        if (buf[i] != 0) {
          break;
@ -296,7 +294,7 @@ int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, const uint8_t *seed_in,
          !EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) {
        goto err;
      }
-      for (i = 0; i < qsize; i++) {
+      for (size_t i = 0; i < qsize; i++) {
        md[i] ^= buf2[i];
      }

@ -340,7 +338,7 @@ int DSA_generate_parameters_ex(DSA *dsa, unsigned bits, const uint8_t *seed_in,
      // now 'buf' contains "SEED + offset - 1"
      for (k = 0; k <= n; k++) {
        // obtain "SEED + offset + k" by incrementing:
-        for (i = qsize - 1; i < qsize; i--) {
+        for (size_t i = qsize - 1; i < qsize; i--) {
          buf[i]++;
          if (buf[i] != 0) {
            break;
--- a/crypto/evp/sign.c
+++ b/crypto/evp/sign.c
@ -56,6 +56,8 @@

 #include <openssl/evp.h>

+#include <limits.h>
+
 #include <openssl/digest.h>
 #include <openssl/err.h>

@ -74,15 +76,20 @@ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) {
  return EVP_DigestUpdate(ctx, data, len);
 }

-int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig,
-                  unsigned int *out_sig_len, EVP_PKEY *pkey) {
+int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig, unsigned *out_sig_len,
+                  EVP_PKEY *pkey) {
  uint8_t m[EVP_MAX_MD_SIZE];
-  unsigned int m_len;
+  unsigned m_len;
  int ret = 0;
  EVP_MD_CTX tmp_ctx;
  EVP_PKEY_CTX *pkctx = NULL;
  size_t sig_len = EVP_PKEY_size(pkey);

+  // Ensure the final result will fit in |unsigned|.
+  if (sig_len > UINT_MAX) {
+    sig_len = UINT_MAX;
+  }
+
  *out_sig_len = 0;
  EVP_MD_CTX_init(&tmp_ctx);
  if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) ||
@ -92,19 +99,17 @@ int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig,
  EVP_MD_CTX_cleanup(&tmp_ctx);

  pkctx = EVP_PKEY_CTX_new(pkey, NULL);
-  if (!pkctx || !EVP_PKEY_sign_init(pkctx) ||
+  if (!pkctx ||  //
+      !EVP_PKEY_sign_init(pkctx) ||
      !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) ||
      !EVP_PKEY_sign(pkctx, sig, &sig_len, m, m_len)) {
    goto out;
  }
-  *out_sig_len = sig_len;
+  *out_sig_len = (unsigned)sig_len;
  ret = 1;

 out:
-  if (pkctx) {
-    EVP_PKEY_CTX_free(pkctx);
-  }
-
+  EVP_PKEY_CTX_free(pkctx);
  return ret;
 }

@ -123,7 +128,7 @@ int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) {
 int EVP_VerifyFinal(EVP_MD_CTX *ctx, const uint8_t *sig, size_t sig_len,
                    EVP_PKEY *pkey) {
  uint8_t m[EVP_MAX_MD_SIZE];
-  unsigned int m_len;
+  unsigned m_len;
  int ret = 0;
  EVP_MD_CTX tmp_ctx;
  EVP_PKEY_CTX *pkctx = NULL;
--- a/crypto/hmac_extra/hmac_test.cc
+++ b/crypto/hmac_extra/hmac_test.cc
@ -99,8 +99,7 @@ TEST(HMACTest, TestVectors) {
    ASSERT_EQ(EVP_MD_size(digest), output.size());

    // Test using the one-shot API.
-    unsigned expected_mac_len = EVP_MD_size(digest);
-    std::unique_ptr<uint8_t[]> mac(new uint8_t[expected_mac_len]);
+    std::unique_ptr<uint8_t[]> mac(new uint8_t[EVP_MD_size(digest)]);
    unsigned mac_len;
    ASSERT_TRUE(HMAC(digest, key.data(), key.size(), input.data(), input.size(),
                     mac.get(), &mac_len));
--- a/crypto/trust_token/trust_token.c
+++ b/crypto/trust_token/trust_token.c
@ -612,16 +612,19 @@ err:
 static int add_cbor_int_with_type(CBB *cbb, uint8_t major_type,
                                  uint64_t value) {
  if (value <= 23) {
-    return CBB_add_u8(cbb, value | major_type);
+    return CBB_add_u8(cbb, (uint8_t)value | major_type);
  }
  if (value <= 0xff) {
-    return CBB_add_u8(cbb, 0x18 | major_type) && CBB_add_u8(cbb, value);
+    return CBB_add_u8(cbb, 0x18 | major_type) &&
+           CBB_add_u8(cbb, (uint8_t)value);
  }
  if (value <= 0xffff) {
-    return CBB_add_u8(cbb, 0x19 | major_type) && CBB_add_u16(cbb, value);
+    return CBB_add_u8(cbb, 0x19 | major_type) &&
+           CBB_add_u16(cbb, (uint16_t)value);
  }
  if (value <= 0xffffffff) {
-    return CBB_add_u8(cbb, 0x1a | major_type) && CBB_add_u32(cbb, value);
+    return CBB_add_u8(cbb, 0x1a | major_type) &&
+           CBB_add_u32(cbb, (uint32_t)value);
  }
  if (value <= 0xffffffffffffffff) {
    return CBB_add_u8(cbb, 0x1b | major_type) && CBB_add_u64(cbb, value);
--- a/crypto/trust_token/trust_token_test.cc
+++ b/crypto/trust_token/trust_token_test.cc
@ -12,6 +12,7 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <assert.h>
 #include <stdio.h>
 #include <string.h>
 #include <time.h>
@ -304,8 +305,9 @@ class TrustTokenProtocolTestBase : public ::testing::Test {

  // KeyID returns the key ID associated with key index |i|.
  static uint32_t KeyID(size_t i) {
+    assert(i <= UINT32_MAX);
    // Use a different value from the indices to that we do not mix them up.
-    return 7 + i;
+    return static_cast<uint32_t>(7 + i);
  }

  const TRUST_TOKEN_METHOD *method() { return method_; }
--- a/crypto/x509/rsa_pss.c
+++ b/crypto/x509/rsa_pss.c
@ -202,7 +202,7 @@ int x509_rsa_ctx_to_pss(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
    OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PSS_PARAMETERS);
    return 0;
  }
-  int md_len = EVP_MD_size(sigmd);
+  int md_len = (int)EVP_MD_size(sigmd);
  if (saltlen == -1) {
    saltlen = md_len;
  } else if (saltlen != md_len) {
--- a/ssl/bio_ssl.cc
+++ b/ssl/bio_ssl.cc
@ -109,7 +109,7 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) {
      // |bio->next_bio| with |ssl|'s rbio here, and on |BIO_CTRL_PUSH|. We call
      // into the corresponding |BIO| directly. (We can implement the upstream
      // behavior if it ends up necessary.)
-      bio->shutdown = num;
+      bio->shutdown = static_cast<int>(num);
      bio->ptr = ptr;
      bio->init = 1;
      return 1;
@ -118,7 +118,7 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) {
      return bio->shutdown;

    case BIO_CTRL_SET_CLOSE:
-      bio->shutdown = num;
+      bio->shutdown = static_cast<int>(num);
      return 1;

    case BIO_CTRL_WPENDING:
--- a/ssl/extensions.cc
+++ b/ssl/extensions.cc
@ -1248,10 +1248,12 @@ static bool ext_npn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
    }
  }

+  // |orig_len| fits in |unsigned| because TLS extensions use 16-bit lengths.
  uint8_t *selected;
  uint8_t selected_len;
  if (ssl->ctx->next_proto_select_cb(
-          ssl, &selected, &selected_len, orig_contents, orig_len,
+          ssl, &selected, &selected_len, orig_contents,
+          static_cast<unsigned>(orig_len),
          ssl->ctx->next_proto_select_cb_arg) != SSL_TLSEXT_ERR_OK ||
      !ssl->s3->next_proto_negotiated.CopyFrom(
          MakeConstSpan(selected, selected_len))) {
@ -1564,11 +1566,14 @@ bool ssl_negotiate_alpn(SSL_HANDSHAKE *hs, uint8_t *out_alert,
    return false;
  }

+  // |protocol_name_list| fits in |unsigned| because TLS extensions use 16-bit
+  // lengths.
  const uint8_t *selected;
  uint8_t selected_len;
  int ret = ssl->ctx->alpn_select_cb(
      ssl, &selected, &selected_len, CBS_data(&protocol_name_list),
-      CBS_len(&protocol_name_list), ssl->ctx->alpn_select_cb_arg);
+      static_cast<unsigned>(CBS_len(&protocol_name_list)),
+      ssl->ctx->alpn_select_cb_arg);
  // ALPN is required when QUIC is used.
  if (ssl->quic_method &&
      (ret == SSL_TLSEXT_ERR_NOACK || ret == SSL_TLSEXT_ERR_ALERT_WARNING)) {
--- a/ssl/test/mock_quic_transport.cc
+++ b/ssl/test/mock_quic_transport.cc
@ -16,8 +16,9 @@

 #include <openssl/span.h>

+#include <algorithm>
+#include <climits>
 #include <cstring>
-#include <limits>

 MockQuicTransport::MockQuicTransport(bssl::UniquePtr<BIO> bio, SSL *ssl)
    : bio_(std::move(bio)),
@ -51,11 +52,8 @@ bool ReadAll(BIO *bio, bssl::Span<uint8_t> out) {
  size_t len = out.size();
  uint8_t *buf = out.data();
  while (len > 0) {
-    int chunk_len = std::numeric_limits<int>::max();
-    if (len <= static_cast<unsigned int>(std::numeric_limits<int>::max())) {
-      chunk_len = len;
-    }
-    int ret = BIO_read(bio, buf, chunk_len);
+    size_t chunk_len = std::min(len, size_t{INT_MAX});
+    int ret = BIO_read(bio, buf, static_cast<int>(chunk_len));
    if (ret <= 0) {
      return false;
    }
--- a/ssl/test/test_config.cc
+++ b/ssl/test/test_config.cc
@ -1619,7 +1619,7 @@ static unsigned PskClientCallback(SSL *ssl, const char *hint,

  OPENSSL_strlcpy(out_identity, config->psk_identity.c_str(), max_identity_len);
  OPENSSL_memcpy(out_psk, config->psk.data(), config->psk.size());
-  return config->psk.size();
+  return static_cast<unsigned>(config->psk.size());
 }

 static unsigned PskServerCallback(SSL *ssl, const char *identity,
@ -1637,7 +1637,7 @@ static unsigned PskServerCallback(SSL *ssl, const char *identity,
  }

  OPENSSL_memcpy(out_psk, config->psk.data(), config->psk.size());
-  return config->psk.size();
+  return static_cast<unsigned>(config->psk.size());
 }

 static ssl_verify_result_t CustomVerifyCallback(SSL *ssl, uint8_t *out_alert) {