From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 20 Sep 2025 09:17:48 +0000 (+0200)
Subject: rustls: typecast variable for safer trace output
X-Git-Tag: rc-8_17_0-2~436
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2fe95cb0e320db0c6034d154ab175002d23b936d;p=thirdparty%2Fcurl.git

rustls: typecast variable for safer trace output

This is a variadic function call with a mismatched argument type; on
platforms where uintptr_t and size_t differ, this invokes undefined
behavior.

Reported in Joshua's sarif data

Closes #18628
---

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index 905d4f8a99..e5d85aa38f 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -121,7 +121,7 @@ read_cb(void *userdata, uint8_t *buf, uintptr_t len, uintptr_t *out_n)
     connssl->peer_closed = TRUE;
   *out_n = (uintptr_t)nread;
   CURL_TRC_CF(io_ctx->data, io_ctx->cf, "cf->next recv(len=%zu) -> %d, %zu",
-              len, result, nread);
+              (size_t)len, result, nread);
   return ret;
 }