ssl: ass size_t to RAND_bytes_ex()

author Pauli <pauli@openssl.org>

Mon, 31 May 2021 06:31:04 +0000 (16:31 +1000)

committer Pauli <pauli@openssl.org>

Tue, 1 Jun 2021 08:13:36 +0000 (18:13 +1000)
author Pauli <pauli@openssl.org>
Mon, 31 May 2021 06:31:04 +0000 (16:31 +1000)
committer Pauli <pauli@openssl.org>
Tue, 1 Jun 2021 08:13:36 +0000 (18:13 +1000)
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c

index c10a1e46b2470aa6147c3c421663ee971b6cb73f..82bb013865ea333d5390d645a0a88d63dcd34dec 100644 (file)
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2853,7 +2853,7 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt)
      pms[0] = s->client_version >> 8;
      pms[1] = s->client_version & 0xff;
      /* TODO(size_t): Convert this function */
-    if (RAND_bytes_ex(s->ctx->libctx, pms + 2, (int)(pmslen - 2), 0) <= 0) {
+    if (RAND_bytes_ex(s->ctx->libctx, pms + 2, pmslen - 2, 0) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
          goto err;
      }
@@ -3060,7 +3060,7 @@ static int tls_construct_cke_gost(SSL *s, WPACKET *pkt)
          /* Generate session key
           * TODO(size_t): Convert this function
           */
-        || RAND_bytes_ex(s->ctx->libctx, pms, (int)pmslen, 0) <= 0) {
+        || RAND_bytes_ex(s->ctx->libctx, pms, pmslen, 0) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
          goto err;
      };
@@ -3185,7 +3185,7 @@ static int tls_construct_cke_gost18(SSL *s, WPACKET *pkt)
          goto err;
      }
  
-    if (RAND_bytes_ex(s->ctx->libctx, pms, (int)pmslen, 0) <= 0) {
+    if (RAND_bytes_ex(s->ctx->libctx, pms, pmslen, 0) <= 0) {
          SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
          goto err;
      }
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c

index bf4a486a8d83a6ba4dcfd6a528e84b29d73cb45e..15bcdae3876b5510f9bba93e5cdf191485d919f7 100644 (file)
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3778,7 +3778,8 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
          }
  
          iv_len = EVP_CIPHER_iv_length(cipher);
-        if (RAND_bytes_ex(s->ctx->libctx, iv, iv_len, 0) <= 0
+        if (iv_len < 0
+                || RAND_bytes_ex(s->ctx->libctx, iv, iv_len, 0) <= 0
                  || !EVP_EncryptInit_ex(ctx, cipher, NULL,
                                         tctx->ext.secure->tick_aes_key, iv)
                  || !ssl_hmac_init(hctx, tctx->ext.secure->tick_hmac_key,
author	Pauli <pauli@openssl.org>
	Mon, 31 May 2021 06:31:04 +0000 (16:31 +1000)
committer	Pauli <pauli@openssl.org>
	Tue, 1 Jun 2021 08:13:36 +0000 (18:13 +1000)
ssl/statem/statem_clnt.c		patch \| blob \| blame \| history
ssl/statem/statem_srvr.c		patch \| blob \| blame \| history