From abe32bce066ccf77db7e49159ea0f8111c02a3c4 Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Sun, 16 Nov 2025 22:54:27 +0100 Subject: [PATCH] ssl: Clean up type handling in parse_early_negotiation_tlvs() buf_read_u16 does not return uint16_t. Change-Id: Ie7ad637223c332f7611c09b20a8d7a3a92d97ec7 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1302 Message-Id: <20251116215433.29257-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34487.html Signed-off-by: Gert Doering --- src/openvpn/ssl.c | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 48418372a..85016937b 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -2194,11 +2194,6 @@ export_user_keying_material(struct tls_session *session) } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - /** * Handle reading key data, peer-info, username/password, OCC * from the TLS control channel (cleartext). @@ -2522,9 +2517,9 @@ parse_early_negotiation_tlvs(struct buffer *buf, struct key_state *ks) goto error; } /* read type */ - uint16_t type = buf_read_u16(buf); - uint16_t len = buf_read_u16(buf); - if (buf_len(buf) < len) + int type = buf_read_u16(buf); + int len = buf_read_u16(buf); + if (type < 0 || len < 0 || buf_len(buf) < len) { goto error; } @@ -2536,7 +2531,7 @@ parse_early_negotiation_tlvs(struct buffer *buf, struct key_state *ks) { goto error; } - uint16_t flags = buf_read_u16(buf); + int flags = buf_read_u16(buf); if (flags & EARLY_NEG_FLAG_RESEND_WKC) { @@ -3963,10 +3958,6 @@ tls_pre_encrypt(struct tls_multi *multi, struct buffer *buf, struct crypto_optio } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - void tls_prepend_opcode_v1(const struct tls_multi *multi, struct buffer *buf) { -- 2.47.3