From: Philippe Antoine
Date: Mon, 6 Dec 2021 08:44:12 +0000 (+0100)
Subject: ssl: fix int warnings
X-Git-Tag: suricata-7.0.0-beta1~1064
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c56b1c99d54ef7ea2d1ec4cf4775d04c73e83437;p=thirdparty%2Fsuricata.git

ssl: fix int warnings

especially increasing padding_len size
---
diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index 41855f61b5..9b32b173af 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -620,7 +620,7 @@ static inline int TLSDecodeHSHelloVersion(SSLState *ssl_state,
 return -1;
 }
- uint16_t version = *input << 8 | *(input + 1);
+ uint16_t version = (uint16_t)(*input << 8) | *(input + 1);
 ssl_state->curr_connp->version = version;
 /* TLSv1.3 draft1 to draft21 use the version field as earlier TLS
@@ -744,7 +744,7 @@ static inline int TLSDecodeHSHelloCipherSuites(SSLState *ssl_state,
 if (ssl_state->current_flags & SSL_AL_FLAG_STATE_SERVER_HELLO) {
 cipher_suites_length = 2;
 } else if (ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) {
- cipher_suites_length = *input << 8 | *(input + 1);
+ cipher_suites_length = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 } else {
 return -1;
@@ -772,7 +772,7 @@ static inline int TLSDecodeHSHelloCipherSuites(SSLState *ssl_state,
 goto invalid_length;
 }
- uint16_t cipher_suite = *input << 8 | *(input + 1);
+ uint16_t cipher_suite = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 if (TLSDecodeValueIsGREASE(cipher_suite) != 1) {
@@ -870,7 +870,7 @@ static inline int TLSDecodeHSHelloExtensionSni(SSLState *ssl_state,
 if (!(HAS_SPACE(2)))
 goto invalid_length;
- uint16_t sni_len = *input << 8 | *(input + 1);
+ uint16_t sni_len = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 /* host_name contains the fully qualified domain name,
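Review bot: The two-byte big-endian read `(uint16_t)(*input << 8) | *(input + 1)` is now open-coded in TLSDecodeHSHelloVersion and repeated in every later hunk of app-layer-ssl.c (cipher suites, SNI, supported versions, elliptic curves, extensions), so the cast has to stay correct in more than a dozen places. A single `static inline uint16_t` helper taking the byte pointer would hold the cast once and let each call site read as a 16-bit load. The cast covers only the shifted byte: the `|` promotes back to `int` and the narrowing to `uint16_t` still happens implicitly at the assignment, which is harmless because both operands fit in 16 bits but deserves a one-line comment in that helper. All of these function bodies start and end outside their hunks, and in this first hunk the length check that guards the read is not visible.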
@@ -943,7 +943,7 @@ static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state
 goto invalid_length;
 /* Use the first (and prefered) version as client version */
- ssl_state->curr_connp->version = *input << 8 | *(input + 1);
+ ssl_state->curr_connp->version = (uint16_t)(*input << 8) | *(input + 1);
 /* Set a flag to indicate that we have seen this extension */
 ssl_state->flags |= SSL_AL_FLAG_CH_VERSION_EXTENSION;
@@ -954,7 +954,7 @@ static inline int TLSDecodeHSHelloExtensionSupportedVersions(SSLState *ssl_state
 if (!(HAS_SPACE(2)))
 goto invalid_length;
- uint16_t ver = *input << 8 | *(input + 1);
+ uint16_t ver = (uint16_t)(*input << 8) | *(input + 1);
 if ((ssl_state->flags & SSL_AL_FLAG_CH_VERSION_EXTENSION) && (ver > TLS_VERSION_12)) {
@@ -989,7 +989,7 @@ static inline int TLSDecodeHSHelloExtensionEllipticCurves(SSLState *ssl_state,
 if (!(HAS_SPACE(2)))
 goto invalid_length;
- uint16_t elliptic_curves_len = *input << 8 | *(input + 1);
+ uint16_t elliptic_curves_len = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 if (!(HAS_SPACE(elliptic_curves_len)))
@@ -1004,7 +1004,7 @@ static inline int TLSDecodeHSHelloExtensionEllipticCurves(SSLState *ssl_state,
 if (!(HAS_SPACE(2)))
 goto invalid_length;
- uint16_t elliptic_curve = *input << 8 | *(input + 1);
+ uint16_t elliptic_curve = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 if (TLSDecodeValueIsGREASE(elliptic_curve) != 1) {
@@ -1120,7 +1120,7 @@ static inline int TLSDecodeHSHelloExtensions(SSLState *ssl_state,
 if (!(HAS_SPACE(2)))
 goto end;
- uint16_t extensions_len = *input << 8 | *(input + 1);
+ uint16_t extensions_len = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 if (!(HAS_SPACE(extensions_len)))
@@ -1133,13 +1133,13 @@ static inline int TLSDecodeHSHelloExtensions(SSLState *ssl_state,
 if (!(HAS_SPACE(2)))
 goto invalid_length;
- uint16_t ext_type = *input << 8 | *(input + 1);
+ uint16_t ext_type = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 if (!(HAS_SPACE(2)))
 goto invalid_length;
- uint16_t ext_len = *input << 8 | *(input + 1);
+ uint16_t ext_len = (uint16_t)(*input << 8) | *(input + 1);
 input += 2;
 if (!(HAS_SPACE(ext_len)))
@@ -1707,7 +1707,7 @@ static int SSLv3ParseHeartbeatProtocol(SSLState *ssl_state, const uint8_t *input
 {
 uint8_t hb_type;
 uint16_t payload_len;
- uint16_t padding_len;
+ uint32_t padding_len;
 /* expect at least 3 bytes: heartbeat type (1) + length (2) */
 if (input_len < 3) {
@@ -1743,8 +1743,7 @@ static int SSLv3ParseHeartbeatProtocol(SSLState *ssl_state, const uint8_t *input
 return (ssl_state->curr_connp->record_length - 3);
 }
- payload_len = (*input++) << 8;
- payload_len |= (*input++);
+ payload_len = (uint16_t)(*input << 8) | *(input + 1);
 /* check that the requested payload length is really present in the record (CVE-2014-0160) */
@@ -1845,8 +1844,7 @@ static int SSLv3ParseRecord(uint8_t direction, SSLState *ssl_state,
 if (input_len >= 5) {
 ssl_state->curr_connp->content_type = input[0];
 if (!skip_version) {
- ssl_state->curr_connp->version = input[1] << 8;
- ssl_state->curr_connp->version |= input[2];
+ ssl_state->curr_connp->version = (uint16_t)(input[1] << 8) | input[2];
 }
 ssl_state->curr_connp->record_length = input[3] << 8;
 ssl_state->curr_connp->record_length |= input[4];
@@ -1861,7 +1859,7 @@ static int SSLv3ParseRecord(uint8_t direction, SSLState *ssl_state,
 /* fall through */
 case 1:
 if (!skip_version) {
- ssl_state->curr_connp->version = *(input++) << 8;
+ ssl_state->curr_connp->version = (uint16_t)(*(input++) << 8);
 } else {
 input++;
 }
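Review bot: In SSLv3ParseHeartbeatProtocol (hunk at -1743) the rewritten `payload_len` read no longer advances `input`. The removed lines used `*input++` twice, while the new line reads `*input` and `*(input + 1)` in place. The function continues outside the hunk, so it cannot be confirmed from here that nothing later reads through `input`; if anything does, it would now see the two length bytes instead of the payload. Either keep the cursor moving with `input += 2;` after the read, or add a comment such as `/* input is not read past this point */` so the change is visibly deliberate. Because this is the path that checks the requested heartbeat length against the record (the CVE-2014-0160 comment right below), a regression test with a `payload_len` larger than the record belongs with this change.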
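Review bot: In the `input_len >= 5` branch of SSLv3ParseRecord (hunk at -1845) only the version assignment was folded into one cast expression. The two context lines directly below still build `record_length` as `input[3] << 8` followed by `|= input[4]`. That may be intentional if `record_length` is wider than 16 bits (its declaration is not visible here), but the two adjacent big-endian reads now use different idioms. I would either write it the same way, `ssl_state->curr_connp->record_length = (uint16_t)(input[3] << 8) | input[4];`, or add a short comment saying why the field is left as is.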
@@ -2045,7 +2043,7 @@ static int SSLv2Decode(uint8_t direction, SSLState *ssl_state,
 switch (ssl_state->curr_connp->bytes_processed) {
 case 4:
 if (input_len >= 6) {
- uint16_t session_id_length = input[5] | (input[4] << 8);
+ uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
 input += 6;
 input_len -= 6;
 ssl_state->curr_connp->bytes_processed += 6;
@@ -2101,7 +2099,7 @@ static int SSLv2Decode(uint8_t direction, SSLState *ssl_state,
 switch (ssl_state->curr_connp->bytes_processed) {
 case 3:
 if (input_len >= 6) {
- uint16_t session_id_length = input[5] | (input[4] << 8);
+ uint16_t session_id_length = (input[5]) | (uint16_t)(input[4] << 8);
 input += 6;
 input_len -= 6;
 ssl_state->curr_connp->bytes_processed += 6;
diff --git a/src/app-layer-ssl.h b/src/app-layer-ssl.h
index f5ded77ac4..becc5c3def 100644
--- a/src/app-layer-ssl.h
+++ b/src/app-layer-ssl.h
@@ -239,7 +239,7 @@ typedef struct SSLState_ {
 uint32_t flags;
 /* there might be a better place to store this*/
- uint16_t hb_record_len;
+ uint32_t hb_record_len;
 uint16_t events;
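Review bot: The comment above `hb_record_len` in `SSLState_` ("there might be a better place to store this") still does not say what the field holds, and this hunk changes its width without recording why. `padding_len` in SSLv3ParseHeartbeatProtocol is widened the same way in this commit, so the field presumably has to carry a record length without truncation; the assignment to it is outside the visible hunks, so that is an inference. I would put the reason in the comment, e.g. `/* heartbeat record length; keep as wide as the value it is assigned from */`, and check that no reader of the field still copies it into a 16-bit variable.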