From: Nikos Mavrogiannopoulos Date: Sat, 14 Jan 2012 22:34:10 +0000 (+0100) Subject: Modulo operations are only occuring on unsigned integers. X-Git-Tag: gnutls_3_0_13~261 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=99ad4c6b2ab76d386be76daed0c509e62d6334c7;p=thirdparty%2Fgnutls.git Modulo operations are only occuring on unsigned integers. --- diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index a323defb21..6da32f42fe 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -200,7 +200,8 @@ calc_enc_length (gnutls_session_t session, int data_size, unsigned block_algo, unsigned auth_cipher, uint16_t blocksize) { uint8_t rnd; - int length, ret; + unsigned int length; + int ret; *pad = 0; @@ -256,7 +257,7 @@ calc_enc_length (gnutls_session_t session, int data_size, * and are not to be sent). Returns their size. */ static inline int -make_preamble (opaque * uint64_data, opaque type, int length, +make_preamble (opaque * uint64_data, opaque type, unsigned int length, opaque ver, opaque * preamble) { opaque minor = _gnutls_version_get_minor (ver); diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index b00212211b..167bb3daf0 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -801,7 +801,7 @@ server_find_pk_algos_in_ciphersuites (const opaque * */ int _gnutls_server_select_suite (gnutls_session_t session, opaque * data, - int datalen) + unsigned int datalen) { int i, j, ret, cipher_suites_size; size_t pk_algos_size; diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h index 2366303597..7cc227147f 100644 --- a/lib/gnutls_handshake.h +++ b/lib/gnutls_handshake.h @@ -45,7 +45,7 @@ int _gnutls_tls_create_random (opaque * dst); int _gnutls_find_pk_algos_in_ciphersuites (opaque * data, int datalen); int _gnutls_server_select_suite (gnutls_session_t session, opaque * data, - int datalen); + unsigned int datalen); int _gnutls_negotiate_version (gnutls_session_t session, gnutls_protocol_t adv_version); diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 72e5f58f00..08762612e3 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -455,7 +455,7 @@ typedef struct */ typedef struct { - int entity; /* GNUTLS_SERVER or GNUTLS_CLIENT */ + unsigned int entity; /* GNUTLS_SERVER or GNUTLS_CLIENT */ gnutls_kx_algorithm_t kx_algorithm; /* The epoch used to read and write */ diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 4f20465ebe..ef6cf5f387 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -889,7 +889,7 @@ P_hash (gnutls_mac_algorithm_t algorithm, */ int _gnutls_PRF (gnutls_session_t session, - const opaque * secret, int secret_size, const char *label, + const opaque * secret, unsigned int secret_size, const char *label, int label_size, const opaque * seed, int seed_size, int total_bytes, void *ret) { diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h index 7800fde26a..491d71287c 100644 --- a/lib/gnutls_state.h +++ b/lib/gnutls_state.h @@ -76,7 +76,7 @@ int _gnutls_session_is_psk (gnutls_session_t session); int _gnutls_openpgp_send_fingerprint (gnutls_session_t session); int _gnutls_PRF (gnutls_session_t session, - const opaque * secret, int secret_size, + const opaque * secret, unsigned int secret_size, const char *label, int label_size, const opaque * seed, int seed_size, int total_bytes, void *ret); diff --git a/lib/gnutls_v2_compat.c b/lib/gnutls_v2_compat.c index e394f29597..aada12bafd 100644 --- a/lib/gnutls_v2_compat.c +++ b/lib/gnutls_v2_compat.c @@ -45,7 +45,7 @@ /* This selects the best supported ciphersuite from the ones provided */ static int _gnutls_handshake_select_v2_suite (gnutls_session_t session, - opaque * data, int datalen) + opaque * data, unsigned int datalen) { int i, j, ret; opaque *_data; @@ -91,7 +91,7 @@ _gnutls_handshake_select_v2_suite (gnutls_session_t session, */ int _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, - int datalen) + unsigned int datalen) { uint16_t session_id_len = 0; int pos = 0; diff --git a/lib/gnutls_v2_compat.h b/lib/gnutls_v2_compat.h index ccaedf9024..613af139e3 100644 --- a/lib/gnutls_v2_compat.h +++ b/lib/gnutls_v2_compat.h @@ -21,4 +21,4 @@ */ int _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, - int datalen); + unsigned int datalen); diff --git a/lib/opencdk/misc.c b/lib/opencdk/misc.c index c10279d763..dbfddfad12 100644 --- a/lib/opencdk/misc.c +++ b/lib/opencdk/misc.c @@ -182,7 +182,7 @@ _cdk_tmpfile (void) /* Because the tmpfile() version of wine is not really useful, we implement our own version to avoid problems with 'make check'. */ static const char *letters = "abcdefghijklmnopqrstuvwxyz"; - char buf[512], rnd[24]; + unsigned char buf[512], rnd[24]; FILE *fp; int fd, i; diff --git a/lib/x509/common.c b/lib/x509/common.c index 459fe9ef41..7777267674 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -109,7 +109,7 @@ static const struct oid2string _oid2str[] = { int _gnutls_x509_oid_data_printable (const char *oid) { - int i = 0; + unsigned int i = 0; do { @@ -139,7 +139,7 @@ _gnutls_x509_oid_data_printable (const char *oid) int gnutls_x509_dn_oid_known (const char *oid) { - int i = 0; + unsigned int i = 0; do { @@ -158,7 +158,7 @@ gnutls_x509_dn_oid_known (const char *oid) int _gnutls_x509_oid_data_choice (const char *oid) { - int i = 0; + unsigned int i = 0; do { @@ -188,7 +188,7 @@ _gnutls_x509_oid_data_choice (const char *oid) const char* gnutls_x509_dn_oid_name (const char *oid, unsigned int flags) { - int i = 0; + unsigned int i = 0; do { @@ -205,7 +205,7 @@ gnutls_x509_dn_oid_name (const char *oid, unsigned int flags) const char * _gnutls_x509_oid2asn_string (const char *oid) { - int i = 0; + unsigned int i = 0; do { @@ -455,7 +455,7 @@ static time_t mktime_utc (const struct fake_tm *tm) { time_t result = 0; - int i; + unsigned int i; /* We do allow some ill-formed dates, but we don't do anything special * with them and our callers really shouldn't pass them to us. Do @@ -1437,15 +1437,16 @@ int _gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, gnutls_datum_t * signature) { - int bits, result, len; + int result, len; + unsigned int bits; signature->data = NULL; signature->size = 0; /* Read the signature */ - bits = 0; - result = asn1_read_value (src, src_name, NULL, &bits); + len = 0; + result = asn1_read_value (src, src_name, NULL, &len); if (result != ASN1_MEM_ERROR) { @@ -1454,6 +1455,7 @@ _gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, goto cleanup; } + bits = len; if (bits % 8 != 0) { gnutls_assert (); @@ -1474,7 +1476,7 @@ _gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, /* read the bit string of the signature */ bits = len; - result = asn1_read_value (src, src_name, signature->data, &bits); + result = asn1_read_value (src, src_name, signature->data, (int*)&bits); if (result != ASN1_SUCCESS) { diff --git a/lib/x509/crl.c b/lib/x509/crl.c index 916cfb24bb..ef8a0b0891 100644 --- a/lib/x509/crl.c +++ b/lib/x509/crl.c @@ -326,7 +326,7 @@ gnutls_x509_crl_get_signature (gnutls_x509_crl_t crl, char *sig, size_t * sizeof_sig) { int result; - int bits; + unsigned int bits; int len; if (crl == NULL) @@ -335,14 +335,16 @@ gnutls_x509_crl_get_signature (gnutls_x509_crl_t crl, return GNUTLS_E_INVALID_REQUEST; } - bits = 0; - result = asn1_read_value (crl->crl, "signature", NULL, &bits); + len = 0; + result = asn1_read_value (crl->crl, "signature", NULL, &len); + if (result != ASN1_MEM_ERROR) { gnutls_assert (); return _gnutls_asn2err (result); } + bits = len; if (bits % 8 != 0) { gnutls_assert (); diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 272ffe64fe..1fa6b81bd8 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1898,7 +1898,7 @@ generate_key (schema_id schema, struct pbkdf2_params *kdf_params, struct pbe_enc_params *enc_params, gnutls_datum_t * key) { - opaque rnd[2]; + unsigned char rnd[2]; int ret; ret = _gnutls_rnd (GNUTLS_RND_RANDOM, rnd, 2); diff --git a/lib/x509/x509.c b/lib/x509/x509.c index d20e9f313f..af45c86dcd 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -498,7 +498,8 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, char *sig, size_t * sizeof_sig) { int result; - int bits, len; + unsigned int bits; + int len; if (cert == NULL) { @@ -506,14 +507,15 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, return GNUTLS_E_INVALID_REQUEST; } - bits = 0; - result = asn1_read_value (cert->cert, "signature", NULL, &bits); + len = 0; + result = asn1_read_value (cert->cert, "signature", NULL, &len); if (result != ASN1_MEM_ERROR) { gnutls_assert (); return _gnutls_asn2err (result); } + bits = len; if (bits % 8 != 0) { gnutls_assert (); @@ -524,7 +526,7 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, if (*sizeof_sig < (unsigned int) len) { - *sizeof_sig = bits / 8; + *sizeof_sig = len; return GNUTLS_E_SHORT_MEMORY_BUFFER; } diff --git a/lib/x509_b64.c b/lib/x509_b64.c index 2ad8144df1..78918c365e 100644 --- a/lib/x509_b64.c +++ b/lib/x509_b64.c @@ -153,7 +153,8 @@ int _gnutls_fbase64_encode (const char *msg, const uint8_t * data, int data_size, uint8_t ** result) { - int i, ret, tmp, j; + int ret, tmp; + unsigned int i, j; char tmpres[4]; uint8_t *ptr; uint8_t top[80];