Avoid unchecked data conversions from size_t to unsigned int.
Reported-by: James Fuller
Closes #21174
struct HMAC_context *Curl_HMAC_init(const struct HMAC_params *hashparams,
const unsigned char *key,
unsigned int keylen);
-int Curl_HMAC_update(struct HMAC_context *ctxt,
- const unsigned char *data,
- unsigned int len);
+void Curl_HMAC_update(struct HMAC_context *ctxt,
+ const unsigned char *data,
+ unsigned int len);
int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *output);
CURLcode Curl_hmacit(const struct HMAC_params *hashparams,
const unsigned char *key, const size_t keylen,
- const unsigned char *data, const size_t datalen,
+ const unsigned char *data, size_t datalen,
unsigned char *output);
#endif
extern const struct HMAC_params Curl_HMAC_MD5;
CURLcode Curl_md5it(unsigned char *output, const unsigned char *input,
- const size_t len);
+ size_t len);
struct MD5_context *Curl_MD5_init(const struct MD5_params *md5params);
CURLcode Curl_MD5_update(struct MD5_context *context,
#endif
CURLcode Curl_sha256it(unsigned char *output, const unsigned char *input,
- const size_t len);
+ size_t len);
#endif
const unsigned char *data,
size_t length)
{
- if(wc_Sha512_256Update(ctx, data, (word32)length))
- return CURLE_SSL_CIPHER;
+ do {
+ word32 ilen = (word32) CURLMIN(length, UINT_MAX);
+ if(wc_Sha512_256Update(ctx, data, ilen))
+ return CURLE_SSL_CIPHER;
+ length -= ilen;
+ data += ilen;
+ } while(length);
return CURLE_OK;
}
return NULL;
}
-int Curl_HMAC_update(struct HMAC_context *ctxt,
- const unsigned char *data,
- unsigned int len)
+void Curl_HMAC_update(struct HMAC_context *ctxt,
+ const unsigned char *data,
+ unsigned int len)
{
/* Update first hash calculation. */
ctxt->hash->hupdate(ctxt->hashctxt1, data, len);
- return 0;
}
int Curl_HMAC_final(struct HMAC_context *ctxt, unsigned char *output)
*/
CURLcode Curl_hmacit(const struct HMAC_params *hashparams,
const unsigned char *key, const size_t keylen,
- const unsigned char *data, const size_t datalen,
+ const unsigned char *data, size_t datalen,
unsigned char *output)
{
- struct HMAC_context *ctxt =
- Curl_HMAC_init(hashparams, key, curlx_uztoui(keylen));
+ struct HMAC_context *ctxt;
+ if(keylen > UINT_MAX) /* unlikely to ever happen */
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ ctxt = Curl_HMAC_init(hashparams, key, curlx_uztoui(keylen));
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
/* Update the digest with the given challenge */
- Curl_HMAC_update(ctxt, data, curlx_uztoui(datalen));
+ do {
+ unsigned int ilen = (unsigned int) CURLMIN(datalen, UINT_MAX);
+ Curl_HMAC_update(ctxt, data, ilen);
+ datalen -= ilen;
+ data += ilen;
+ } while(datalen);
/* Finalise the digest */
Curl_HMAC_final(ctxt, output);
* Returns CURLE_OK on success.
*/
CURLcode Curl_md5it(unsigned char *output,
- const unsigned char *input, const size_t len)
+ const unsigned char *input, size_t len)
{
CURLcode result;
my_md5_ctx ctx;
result = my_md5_init(&ctx);
if(!result) {
- my_md5_update(&ctx, input, curlx_uztoui(len));
+ do {
+ unsigned int ilen = (unsigned int) CURLMIN(len, UINT_MAX);
+ my_md5_update(&ctx, input, ilen);
+ input += ilen;
+ len -= len;
+ } while(len);
my_md5_final(output, &ctx);
}
return result;
* Returns CURLE_OK on success.
*/
CURLcode Curl_sha256it(unsigned char *output, const unsigned char *input,
- const size_t len)
+ size_t len)
{
CURLcode result;
my_sha256_ctx ctx;
result = my_sha256_init(&ctx);
if(!result) {
- my_sha256_update(&ctx, input, curlx_uztoui(len));
+ do {
+ unsigned int ilen = (unsigned int) CURLMIN(len, UINT_MAX);
+ my_sha256_update(&ctx, input, ilen);
+ len -= ilen;
+ input += ilen;
+ } while(len);
my_sha256_final(output, &ctx);
}
return result;
projects / thirdparty / curl.git / commitdiff
