From e0fe31f1fc2ba13ada1d6bc35231847b75be4ee9 Mon Sep 17 00:00:00 2001 From: Daiki Ueno Date: Thu, 8 Aug 2019 18:02:08 +0200 Subject: [PATCH 1/2] gnutls_int.h: make DECR_LEN neutral to signedness DECR_LEN was previously implemented in a way that it first decrements the given length and then checks whether the result is negative. This requires the caller to properly coerce the length argument to a signed integer, before invoking the macro. Signed-off-by: Daiki Ueno --- lib/gnutls_int.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 179d71b4a..7f7b6a7c9 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -256,14 +256,15 @@ typedef enum record_send_state_t { #define MEMSUB(x,y) ((ssize_t)((ptrdiff_t)x-(ptrdiff_t)y)) -#define DECR_LEN(len, x) do { len-=x; if (len<0) {gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;} } while (0) +#define DECR_LEN(len, x) DECR_LENGTH_RET(len, x, GNUTLS_E_UNEXPECTED_PACKET_LENGTH) #define DECR_LEN_FINAL(len, x) do { \ - len-=x; \ - if (len != 0) \ + if (len != x) \ return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); \ + else \ + len = 0; \ } while (0) -#define DECR_LENGTH_RET(len, x, RET) do { len-=x; if (len<0) {gnutls_assert(); return RET;} } while (0) -#define DECR_LENGTH_COM(len, x, COM) do { len-=x; if (len<0) {gnutls_assert(); COM;} } while (0) +#define DECR_LENGTH_RET(len, x, RET) DECR_LENGTH_COM(len, x, return RET) +#define DECR_LENGTH_COM(len, x, COM) do { if (len Date: Thu, 8 Aug 2019 18:04:18 +0200 Subject: [PATCH 2/2] lib/*: remove unnecessary cast to ssize_t Signed-off-by: Daiki Ueno --- lib/crypto-api.c | 10 +++++----- lib/ext/alpn.c | 3 +-- lib/ext/client_cert_type.c | 9 ++++----- lib/ext/cookie.c | 5 ++--- lib/ext/ec_point_formats.c | 7 +++---- lib/ext/key_share.c | 5 ++--- lib/ext/max_record.c | 3 +-- lib/ext/psk_ke_modes.c | 3 +-- lib/ext/record_size_limit.c | 3 +-- lib/ext/safe_renegotiation.c | 3 +-- lib/ext/server_cert_type.c | 9 ++++----- lib/ext/server_name.c | 3 +-- lib/ext/session_ticket.c | 5 ++--- lib/ext/signature.c | 3 +-- lib/ext/srp.c | 3 +-- lib/ext/srtp.c | 5 ++--- lib/ext/status_request.c | 3 +-- lib/ext/supported_groups.c | 3 +-- lib/ext/supported_versions.c | 5 ++--- lib/extv.c | 8 ++++---- lib/sslv2_compat.c | 3 +-- lib/supplemental.c | 4 ++-- lib/tls13/certificate.c | 21 +++++++++++---------- lib/tls13/psk_ext_parser.c | 4 +--- lib/tls13/psk_ext_parser.h | 4 ++-- lib/tls13/session_ticket.c | 2 +- 26 files changed, 58 insertions(+), 78 deletions(-) diff --git a/lib/crypto-api.c b/lib/crypto-api.c index 2834c0199..09b3d7bfc 100644 --- a/lib/crypto-api.c +++ b/lib/crypto-api.c @@ -990,9 +990,9 @@ gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle, api_aead_cipher_hd_st *h = handle; ssize_t ret; uint8_t *dst; - ssize_t dst_size, total = 0; + size_t dst_size, total = 0; uint8_t *p; - ssize_t blocksize = handle->ctx_enc.e->blocksize; + size_t blocksize = handle->ctx_enc.e->blocksize; struct iov_iter_st iter; size_t blocks; @@ -1071,7 +1071,7 @@ gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle, if (ret == 0) break; blocks = ret; - if (unlikely((size_t) dst_size < blocksize * blocks)) + if (unlikely(dst_size < blocksize * blocks)) return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); ret = _gnutls_cipher_encrypt2(&handle->ctx_enc, p, blocksize * blocks, @@ -1083,7 +1083,7 @@ gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle, total += blocksize * blocks; } if (iter.block_offset > 0) { - if (unlikely((size_t) dst_size < iter.block_offset)) + if (unlikely(dst_size < iter.block_offset)) return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); ret = _gnutls_cipher_encrypt2(&handle->ctx_enc, iter.block, iter.block_offset, @@ -1095,7 +1095,7 @@ gnutls_aead_cipher_encryptv(gnutls_aead_cipher_hd_t handle, total += iter.block_offset; } - if ((size_t)dst_size < tag_size) + if (dst_size < tag_size) return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); _gnutls_cipher_tag(&handle->ctx_enc, dst, tag_size); diff --git a/lib/ext/alpn.c b/lib/ext/alpn.c index 34f6ce09d..b9991f0a1 100644 --- a/lib/ext/alpn.c +++ b/lib/ext/alpn.c @@ -51,13 +51,12 @@ const hello_ext_entry_st ext_mod_alpn = { static int _gnutls_alpn_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { unsigned int i; int ret; const uint8_t *p = data; unsigned len1, len; - ssize_t data_size = _data_size; alpn_ext_st *priv; gnutls_ext_priv_data_t epriv; int selected_protocol_index; diff --git a/lib/ext/client_cert_type.c b/lib/ext/client_cert_type.c index 471d42c5f..b627b71f9 100644 --- a/lib/ext/client_cert_type.c +++ b/lib/ext/client_cert_type.c @@ -73,7 +73,6 @@ static int _gnutls_client_cert_type_recv_params(gnutls_session_t session, gnutls_certificate_type_t cert_type; uint8_t i, found = 0; - ssize_t len = data_size; const uint8_t* pdata = data; /* Only activate this extension if we have cert credentials set @@ -86,7 +85,7 @@ static int _gnutls_client_cert_type_recv_params(gnutls_session_t session, /* Compare packet length with expected packet length. For the * client this is a single byte. */ - if (len != 1) { + if (data_size != 1) { return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); } @@ -136,8 +135,8 @@ static int _gnutls_client_cert_type_recv_params(gnutls_session_t session, } else { // server mode // Compare packet length with expected packet length. - DECR_LEN(len, 1); - if (data[0] != len) { + DECR_LEN(data_size, 1); + if (data[0] != data_size) { return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); } @@ -145,7 +144,7 @@ static int _gnutls_client_cert_type_recv_params(gnutls_session_t session, // Assign the contents of our data buffer to a gnutls_datum_t cert_types.data = (uint8_t*)pdata; // Need casting to get rid of 'discards const qualifier' warning - cert_types.size = len; + cert_types.size = data_size; // Store the client certificate types in our session _gnutls_hello_ext_set_datum(session, diff --git a/lib/ext/cookie.c b/lib/ext/cookie.c index 1e66c3d49..0feb2f0e5 100644 --- a/lib/ext/cookie.c +++ b/lib/ext/cookie.c @@ -53,10 +53,9 @@ const hello_ext_entry_st ext_mod_cookie = { /* Only client sends this extension. */ static int cookie_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { - ssize_t data_size = _data_size; - ssize_t csize; + size_t csize; int ret; gnutls_datum_t tmp; diff --git a/lib/ext/ec_point_formats.c b/lib/ext/ec_point_formats.c index eb59ec139..c702d434c 100644 --- a/lib/ext/ec_point_formats.c +++ b/lib/ext/ec_point_formats.c @@ -57,11 +57,10 @@ const hello_ext_entry_st ext_mod_supported_ec_point_formats = { static int _gnutls_supported_ec_point_formats_recv_params(gnutls_session_t session, const uint8_t * data, - size_t _data_size) + size_t data_size) { - int len, i; + size_t len, i; int uncompressed = 0; - int data_size = _data_size; if (session->security_parameters.entity == GNUTLS_CLIENT) { if (data_size < 1) @@ -91,7 +90,7 @@ _gnutls_supported_ec_point_formats_recv_params(gnutls_session_t session, /* only sanity check here. We only support uncompressed points * and a client must support it thus nothing to check. */ - if (_data_size < 1) + if (data_size < 1) return gnutls_assert_val (GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION); diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c index 599eff8fb..8f0912e69 100644 --- a/lib/ext/key_share.c +++ b/lib/ext/key_share.c @@ -504,11 +504,10 @@ client_use_key_share(gnutls_session_t session, const gnutls_group_entry_st *grou static int key_share_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { int ret; - ssize_t data_size = _data_size; - ssize_t size; + size_t size; unsigned gid; const version_entry_st *ver; const gnutls_group_entry_st *group; diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c index dbb98cf62..3cada69be 100644 --- a/lib/ext/max_record.c +++ b/lib/ext/max_record.c @@ -65,10 +65,9 @@ const hello_ext_entry_st ext_mod_max_record_size = { static int _gnutls_max_record_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { ssize_t new_size; - ssize_t data_size = _data_size; if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) return 0; diff --git a/lib/ext/psk_ke_modes.c b/lib/ext/psk_ke_modes.c index da7a55098..8d8effb43 100644 --- a/lib/ext/psk_ke_modes.c +++ b/lib/ext/psk_ke_modes.c @@ -106,10 +106,9 @@ psk_ke_modes_send_params(gnutls_session_t session, */ static int psk_ke_modes_recv_params(gnutls_session_t session, - const unsigned char *data, size_t _len) + const unsigned char *data, size_t len) { uint8_t ke_modes_len; - ssize_t len = _len; const version_entry_st *vers = get_version(session); gnutls_psk_server_credentials_t cred; int dhpsk_pos = MAX_POS; diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c index e9fe6a1d8..0e94fece3 100644 --- a/lib/ext/record_size_limit.c +++ b/lib/ext/record_size_limit.c @@ -48,10 +48,9 @@ const hello_ext_entry_st ext_mod_record_size_limit = { static int _gnutls_record_size_limit_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { ssize_t new_size; - ssize_t data_size = _data_size; const version_entry_st *vers; DECR_LEN(data_size, 2); diff --git a/lib/ext/safe_renegotiation.c b/lib/ext/safe_renegotiation.c index 6424f45b5..bb4a57e45 100644 --- a/lib/ext/safe_renegotiation.c +++ b/lib/ext/safe_renegotiation.c @@ -265,10 +265,9 @@ int _gnutls_ext_sr_send_cs(gnutls_session_t session) static int _gnutls_sr_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { unsigned int len; - ssize_t data_size = _data_size; sr_ext_st *priv; gnutls_ext_priv_data_t epriv; int set = 0, ret; diff --git a/lib/ext/server_cert_type.c b/lib/ext/server_cert_type.c index dbcb3971b..864a44bbc 100644 --- a/lib/ext/server_cert_type.c +++ b/lib/ext/server_cert_type.c @@ -73,7 +73,6 @@ static int _gnutls_server_cert_type_recv_params(gnutls_session_t session, gnutls_certificate_type_t cert_type; uint8_t i, found = 0; - ssize_t len = data_size; const uint8_t* pdata = data; /* Only activate this extension if we have cert credentials set @@ -86,7 +85,7 @@ static int _gnutls_server_cert_type_recv_params(gnutls_session_t session, /* Compare packet length with expected packet length. For the * client this is a single byte. */ - if (len != 1) { + if (data_size != 1) { return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); } @@ -135,8 +134,8 @@ static int _gnutls_server_cert_type_recv_params(gnutls_session_t session, } else { // server mode // Compare packet length with expected packet length. - DECR_LEN(len, 1); - if (data[0] != len) { + DECR_LEN(data_size, 1); + if (data[0] != data_size) { return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); } @@ -144,7 +143,7 @@ static int _gnutls_server_cert_type_recv_params(gnutls_session_t session, // Assign the contents of our data buffer to a gnutls_datum_t cert_types.data = (uint8_t*)pdata; // Need casting to get rid of 'discards const qualifier' warning - cert_types.size = len; + cert_types.size = data_size; // Store the server certificate types in our session _gnutls_hello_ext_set_datum(session, diff --git a/lib/ext/server_name.c b/lib/ext/server_name.c index 259dc998e..0c6331569 100644 --- a/lib/ext/server_name.c +++ b/lib/ext/server_name.c @@ -66,11 +66,10 @@ const hello_ext_entry_st ext_mod_server_name = { */ static int _gnutls_server_name_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { const unsigned char *p; uint16_t len, type; - ssize_t data_size = _data_size; gnutls_datum_t name; if (session->security_parameters.entity == GNUTLS_SERVER) { diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c index 98db39ff8..263273fa2 100644 --- a/lib/ext/session_ticket.c +++ b/lib/ext/session_ticket.c @@ -78,7 +78,7 @@ static int unpack_ticket(const gnutls_datum_t *ticket_data, struct ticket_st *ticket) { const uint8_t * data = ticket_data->data; - ssize_t data_size = ticket_data->size; + size_t data_size = ticket_data->size; const uint8_t *encrypted_state; /* Format: @@ -371,11 +371,10 @@ unpack_session(gnutls_session_t session, const gnutls_datum_t *state) static int session_ticket_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { gnutls_datum_t ticket_data; gnutls_datum_t state; - ssize_t data_size = _data_size; int ret; if (session->internals.flags & GNUTLS_NO_TICKETS) diff --git a/lib/ext/signature.c b/lib/ext/signature.c index e734d2c7d..a90f58d53 100644 --- a/lib/ext/signature.c +++ b/lib/ext/signature.c @@ -187,9 +187,8 @@ _gnutls_sign_algorithm_parse_data(gnutls_session_t session, static int _gnutls_signature_algorithm_recv_params(gnutls_session_t session, const uint8_t * data, - size_t _data_size) + size_t data_size) { - ssize_t data_size = _data_size; int ret; if (session->security_parameters.entity == GNUTLS_CLIENT) { diff --git a/lib/ext/srp.c b/lib/ext/srp.c index 8b58222e0..07f6e6883 100644 --- a/lib/ext/srp.c +++ b/lib/ext/srp.c @@ -59,10 +59,9 @@ const hello_ext_entry_st ext_mod_srp = { static int _gnutls_srp_recv_params(gnutls_session_t session, const uint8_t * data, - size_t _data_size) + size_t data_size) { uint8_t len; - ssize_t data_size = _data_size; gnutls_ext_priv_data_t epriv; srp_ext_st *priv; diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c index 3fc7ed35a..412e26d45 100644 --- a/lib/ext/srtp.c +++ b/lib/ext/srtp.c @@ -162,13 +162,12 @@ const char *gnutls_srtp_get_profile_name(gnutls_srtp_profile_t profile) static int _gnutls_srtp_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { unsigned int i; int ret; const uint8_t *p = data; - int len; - ssize_t data_size = _data_size; + size_t len; srtp_ext_st *priv; gnutls_ext_priv_data_t epriv; uint16_t profile; diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c index d8779e8cf..cf9d5bd03 100644 --- a/lib/ext/status_request.c +++ b/lib/ext/status_request.c @@ -86,9 +86,8 @@ client_send(gnutls_session_t session, static int server_recv(gnutls_session_t session, status_request_ext_st * priv, - const uint8_t * data, size_t size) + const uint8_t * data, size_t data_size) { - ssize_t data_size = size; unsigned rid_bytes = 0; /* minimum message is type (1) + responder_id_list (2) + diff --git a/lib/ext/supported_groups.c b/lib/ext/supported_groups.c index 952d3bb0c..ef7859f73 100644 --- a/lib/ext/supported_groups.c +++ b/lib/ext/supported_groups.c @@ -93,10 +93,9 @@ static unsigned get_min_dh(gnutls_session_t session) */ static int _gnutls_supported_groups_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { int i; - ssize_t data_size = _data_size; uint16_t len; const uint8_t *p = data; const gnutls_group_entry_st *group = NULL; diff --git a/lib/ext/supported_versions.c b/lib/ext/supported_versions.c index 52828ee37..8d52fad5c 100644 --- a/lib/ext/supported_versions.c +++ b/lib/ext/supported_versions.c @@ -54,12 +54,11 @@ const hello_ext_entry_st ext_mod_supported_versions = { static int supported_versions_recv_params(gnutls_session_t session, - const uint8_t * data, size_t _data_size) + const uint8_t * data, size_t data_size) { const version_entry_st *vers; - ssize_t data_size = _data_size; uint8_t major, minor; - ssize_t bytes; + size_t bytes; int ret; if (session->security_parameters.entity == GNUTLS_SERVER) { diff --git a/lib/extv.c b/lib/extv.c index bfdfdf974..0c0c46f32 100644 --- a/lib/extv.c +++ b/lib/extv.c @@ -105,7 +105,7 @@ int gnutls_ext_raw_parse(void *ctx, gnutls_ext_raw_process_func cb, const gnutls_datum_t *data, unsigned int flags) { if (flags & GNUTLS_EXT_RAW_FLAG_TLS_CLIENT_HELLO) { - ssize_t size = data->size; + size_t size = data->size; size_t len; uint8_t *p = data->data; @@ -137,12 +137,12 @@ int gnutls_ext_raw_parse(void *ctx, gnutls_ext_raw_process_func cb, DECR_LEN(size, len); p += len; - if (size <= 0) + if (size == 0) return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); return _gnutls_extv_parse(ctx, cb, p, size); } else if (flags & GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO) { - ssize_t size = data->size; + size_t size = data->size; size_t len; uint8_t *p = data->data; @@ -181,7 +181,7 @@ int gnutls_ext_raw_parse(void *ctx, gnutls_ext_raw_process_func cb, DECR_LEN(size, len); p += len; - if (size <= 0) + if (size == 0) return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); return _gnutls_extv_parse(ctx, cb, p, size); diff --git a/lib/sslv2_compat.c b/lib/sslv2_compat.c index 6122d1098..9d247ba4c 100644 --- a/lib/sslv2_compat.c +++ b/lib/sslv2_compat.c @@ -87,14 +87,13 @@ _gnutls_handshake_select_v2_suite(gnutls_session_t session, */ int _gnutls_read_client_hello_v2(gnutls_session_t session, uint8_t * data, - unsigned int datalen) + unsigned int len) { uint16_t session_id_len = 0; int pos = 0; int ret = 0, sret = 0; uint16_t sizeOfSuites; uint8_t rnd[GNUTLS_RANDOM_SIZE], major, minor; - int len = datalen; int neg_version; const version_entry_st *vers; uint16_t challenge; diff --git a/lib/supplemental.c b/lib/supplemental.c index cd90fa1fb..07b38cc93 100644 --- a/lib/supplemental.c +++ b/lib/supplemental.c @@ -192,14 +192,14 @@ _gnutls_parse_supplemental(gnutls_session_t session, const uint8_t * data, int datalen) { const uint8_t *p = data; - ssize_t dsize = datalen; + size_t dsize = datalen; size_t total_size; DECR_LEN(dsize, 3); total_size = _gnutls_read_uint24(p); p += 3; - if (dsize != (ssize_t) total_size) { + if (dsize != total_size) { gnutls_assert(); return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; } diff --git a/lib/tls13/certificate.c b/lib/tls13/certificate.c index bd257237f..8a1a11872 100644 --- a/lib/tls13/certificate.c +++ b/lib/tls13/certificate.c @@ -360,11 +360,12 @@ static int parse_cert_extension(void *_ctx, unsigned tls_id, const uint8_t *data static int parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size) { - int len, ret; + int ret; + size_t len; uint8_t *p = data; cert_auth_info_t info; gnutls_certificate_credentials_t cred; - ssize_t dsize = data_size, size; + size_t size; int i; unsigned npeer_certs, npeer_ocsp, j; crt_cert_ctx_st ctx; @@ -395,31 +396,31 @@ parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size) if (info == NULL) return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); - DECR_LEN(dsize, 3); + DECR_LEN(data_size, 3); size = _gnutls_read_uint24(p); p += 3; - if (size != dsize) + if (size != data_size) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); if (size == 0) return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND); - i = dsize; + i = data_size; while (i > 0) { - DECR_LEN(dsize, 3); + DECR_LEN(data_size, 3); len = _gnutls_read_uint24(p); if (len == 0) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); - DECR_LEN(dsize, len); + DECR_LEN(data_size, len); p += len + 3; i -= len + 3; - DECR_LEN(dsize, 2); + DECR_LEN(data_size, 2); len = _gnutls_read_uint16(p); - DECR_LEN(dsize, len); + DECR_LEN(data_size, len); i -= len + 2; p += len + 2; @@ -427,7 +428,7 @@ parse_cert_list(gnutls_session_t session, uint8_t * data, size_t data_size) nentries++; } - if (dsize != 0) + if (data_size != 0) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); /* this is unnecessary - keeping to avoid a regression due to a re-org diff --git a/lib/tls13/psk_ext_parser.c b/lib/tls13/psk_ext_parser.c index 6e3a12f90..33ebc0461 100644 --- a/lib/tls13/psk_ext_parser.c +++ b/lib/tls13/psk_ext_parser.c @@ -28,10 +28,8 @@ * are present, or 0, on success. */ int _gnutls13_psk_ext_parser_init(psk_ext_parser_st *p, - const unsigned char *data, size_t _len) + const unsigned char *data, size_t len) { - ssize_t len = _len; - if (!p || !data || !len) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); diff --git a/lib/tls13/psk_ext_parser.h b/lib/tls13/psk_ext_parser.h index 30b47e904..f46b211e0 100644 --- a/lib/tls13/psk_ext_parser.h +++ b/lib/tls13/psk_ext_parser.h @@ -25,10 +25,10 @@ struct psk_ext_parser_st { const unsigned char *identities_data; - ssize_t identities_len; + size_t identities_len; const unsigned char *binders_data; - ssize_t binders_len; + size_t binders_len; }; typedef struct psk_ext_parser_st psk_ext_parser_st; diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c index 146aee9b1..072a56d9c 100644 --- a/lib/tls13/session_ticket.c +++ b/lib/tls13/session_ticket.c @@ -105,7 +105,7 @@ unpack_ticket(gnutls_session_t session, gnutls_datum_t *packed, tls13_ticket_st gnutls_mac_algorithm_t kdf; const mac_entry_st *prf; uint8_t *p; - ssize_t len; + size_t len; uint64_t v; int ret; -- 2.21.0