start the great migration from int to size_t

and clean some deadweight from util.h


svn:r2455

src/common/crypto.c

@@ -1242,7 +1242,7 @@ int crypto_dh_generate_public(crypto_dh_env_t *dh)
  * as a <b>pubkey_len</b>-byte value into <b>pubkey</b>. Return 0 on
  * success, -1 on failure.  <b>pubkey_len</b> must be \>= DH_BYTES.
  */
-int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, int pubkey_len)
+int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, size_t pubkey_len)
 {
   int bytes;
   tor_assert(dh);
@@ -1253,7 +1253,8 @@ int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, int pubkey_len)
 
   tor_assert(dh->dh->pub_key);
   bytes = BN_num_bytes(dh->dh->pub_key);
-  if (pubkey_len < bytes)
+  tor_assert(bytes >= 0);
+  if (pubkey_len < (size_t)bytes)
     return -1;
 
   memset(pubkey, 0, pubkey_len);
@@ -1275,21 +1276,27 @@ int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, int pubkey_len)
  * where || is concatenation.)
  */
 int crypto_dh_compute_secret(crypto_dh_env_t *dh,
-                             const char *pubkey, int pubkey_len,
-                             char *secret_out, int secret_bytes_out)
+                             const char *pubkey, size_t pubkey_len,
+                             char *secret_out, size_t secret_bytes_out)
 {
   unsigned char hash[DIGEST_LEN];
   unsigned char *secret_tmp = NULL;
   BIGNUM *pubkey_bn = NULL;
-  int secret_len;
-  int i;
+  size_t secret_len=0;
+  unsigned int i;
+  int result=0;
   tor_assert(dh);
   tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
 
   if (!(pubkey_bn = BN_bin2bn(pubkey, pubkey_len, NULL)))
     goto error;
   secret_tmp = tor_malloc(crypto_dh_get_bytes(dh)+1);
-  secret_len = DH_compute_key(secret_tmp, pubkey_bn, dh->dh);
+  result = DH_compute_key(secret_tmp, pubkey_bn, dh->dh);
+  if(result < 0) {
+    log_fn(LOG_WARN,"DH_compute_key() failed.");
+    goto error;
+  }
+  secret_len = result;
   /* sometimes secret_len might be less than 128, e.g., 127. that's ok. */
   for (i = 0; i < secret_bytes_out; i += DIGEST_LEN) {
     secret_tmp[secret_len] = (unsigned char) i/DIGEST_LEN;
@@ -1301,14 +1308,18 @@ int crypto_dh_compute_secret(crypto_dh_env_t *dh,
 
   goto done;
  error:
-  secret_len = -1;
+  result = -1;
  done:
   crypto_log_errors(LOG_WARN, "completing DH handshake");
   if (pubkey_bn)
     BN_free(pubkey_bn);
   tor_free(secret_tmp);
-  return secret_len;
+  if(result < 0)
+    return result;
+  else
+    return secret_len;
 }
+
 /** Free a DH key exchange object.
  */
 void crypto_dh_free(crypto_dh_env_t *dh)
@@ -1433,7 +1444,7 @@ int crypto_pseudo_rand_int(unsigned int max) {
  * destlen is too short, or other failure.
  */
 int
-base64_encode(char *dest, int destlen, const char *src, int srclen)
+base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
   EVP_ENCODE_CTX ctx;
   int len, ret;
@@ -1457,7 +1468,7 @@ base64_encode(char *dest, int destlen, const char *src, int srclen)
  * destlen is too short, or other failure.
  */
 int
-base64_decode(char *dest, int destlen, const char *src, int srclen)
+base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
   EVP_ENCODE_CTX ctx;
   int len, ret;
@@ -1478,9 +1489,9 @@ base64_decode(char *dest, int destlen, const char *src, int srclen)
  * that srclen*8 is a multiple of 5.
  */
 void
-base32_encode(char *dest, int destlen, const char *src, int srclen)
+base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
-  int nbits, i, bit, v, u;
+  unsigned int nbits, i, bit, v, u;
   nbits = srclen * 8;
 
   tor_assert((nbits%5) == 0); /* We need an even multiple of 5 bits. */
@@ -1497,7 +1508,7 @@ base32_encode(char *dest, int destlen, const char *src, int srclen)
   dest[i] = '\0';
 }
 
-void base16_encode(char *dest, int destlen, const char *src, int srclen)
+void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
   const char *end;
   char *cp;
@@ -1530,7 +1541,7 @@ static INLINE int hex_decode_digit(char c)
     return n-6; /* lowercase */
 }
 
-int base16_decode(char *dest, int destlen, const char *src, int srclen)
+int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
   const char *end;
   int v1,v2;

src/common/crypto.h

@@ -92,22 +92,22 @@ int crypto_pk_get_digest(crypto_pk_env_t *pk, char *digest_out);
 int crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out,int add_space);
 int crypto_pk_check_fingerprint_syntax(const char *s);
 
-int base64_encode(char *dest, int destlen, const char *src, int srclen);
-int base64_decode(char *dest, int destlen, const char *src, int srclen);
+int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen);
+int base64_decode(char *dest, size_t destlen, const char *src, size_t srclen);
 #define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz234567"
-void base32_encode(char *dest, int destlen, const char *src, int srclen);
-void base16_encode(char *dest, int destlen, const char *src, int srclen);
-int base16_decode(char *dest, int destlen, const char *src, int srclen);
+void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen);
+void base16_encode(char *dest, size_t destlen, const char *src, size_t srclen);
+int base16_decode(char *dest, size_t destlen, const char *src, size_t srclen);
 
 /* Key negotiation */
 crypto_dh_env_t *crypto_dh_new();
 int crypto_dh_get_bytes(crypto_dh_env_t *dh);
 int crypto_dh_generate_public(crypto_dh_env_t *dh);
 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
-                         int pubkey_out_len);
+                         size_t pubkey_out_len);
 int crypto_dh_compute_secret(crypto_dh_env_t *dh,
-                             const char *pubkey, int pubkey_len,
-                             char *secret_out, int secret_out_len);
+                             const char *pubkey, size_t pubkey_len,
+                             char *secret_out, size_t secret_out_len);
 void crypto_dh_free(crypto_dh_env_t *dh);
 
 /* symmetric crypto */

src/common/util.c

@@ -232,8 +232,8 @@ int tor_strpartition(char *dest, size_t dest_len,
                      part_finish_rule_t rule)
 {
   char *destp;
-  int len_in, len_out, len_ins;
-  int is_even;
+  size_t len_in, len_out, len_ins;
+  int is_even, remaining;
   tor_assert(s && insert && n > 0);
   len_in = strlen(s);
   len_ins = strlen(insert);
@@ -253,14 +253,15 @@ int tor_strpartition(char *dest, size_t dest_len,
   if (dest_len < len_out+1)
     return -1;
   destp = dest;
-  while(len_in) {
+  remaining = len_in;
+  while(remaining) {
     strncpy(destp, s, n);
-    len_in -= n;
-    if (len_in < 0) {
+    remaining -= n;
+    if (remaining < 0) {
       if (rule == ALWAYS_TERMINATE)
-        strcpy(destp+n+len_in,insert);
+        strcpy(destp+n+remaining,insert);
       break;
-    } else if (len_in == 0 && rule == NEVER_TERMINATE) {
+    } else if (remaining == 0 && rule == NEVER_TERMINATE) {
       *(destp+n) = '\0';
       break;
     }
@@ -319,7 +320,7 @@ void set_uint32(char *cp, uint32_t v)
  * result does not need to be deallocated, but repeated calls to
  * hex_str will trash old results.
  */
-const char *hex_str(const char *from, int fromlen)
+const char *hex_str(const char *from, size_t fromlen)
 {
   static char buf[65];
   if (fromlen>(sizeof(buf)-1)/2)
@@ -1543,6 +1544,7 @@ write_str_to_file(const char *fname, const char *str, int bin)
   char tempname[1024];
   int fd;
   size_t len;
+  int result;
   if ((strlcpy(tempname,fname,1024) >= 1024) ||
       (strlcat(tempname,".tmp",1024) >= 1024)) {
     log(LOG_WARN, "Filename %s.tmp too long (>1024 chars)", fname);
@@ -1555,7 +1557,8 @@ write_str_to_file(const char *fname, const char *str, int bin)
     return -1;
   }
   len = strlen(str);
-  if (write_all(fd, str, len, 0) != len) {
+  result = write_all(fd, str, len, 0);
+  if(result < 0 || (size_t)result != len) {
     log(LOG_WARN, "Error writing to %s: %s", tempname, strerror(errno));
     close(fd);
     return -1;

src/common/util.h

@@ -110,38 +110,13 @@ unsigned long tor_parse_ulong(const char *s, int base, unsigned long min,
 #define set_uint16(cp,v) do { *(uint16_t*)(cp) = (v); } while (0)
 #define set_uint32(cp,v) do { *(uint32_t*)(cp) = (v); } while (0)
 #else
-#if 1
 uint16_t get_uint16(const char *cp);
 uint32_t get_uint32(const char *cp);
 void set_uint16(char *cp, uint16_t v);
 void set_uint32(char *cp, uint32_t v);
-#else
-#define get_uint16(cp)                          \
-  ( ((*(((uint8_t*)(cp))+0))<<8) +              \
-    ((*(((uint8_t*)(cp))+1))   ) )
-#define get_uint32(cp)                          \
-  ( ((*(((uint8_t*)(cp))+0))<<24) +             \
-    ((*(((uint8_t*)(cp))+1))<<16) +             \
-    ((*(((uint8_t*)(cp))+2))<<8 ) +             \
-    ((*(((uint8_t*)(cp))+3))    ) )
-#define set_uint16(cp,v)                        \
-  do {                                          \
-    uint16_t u16v = (v);                        \
-    *(((uint8_t*)(cp))+0) = (v >> 8)&0xff;      \
-    *(((uint8_t*)(cp))+1) = (v >> 0)&0xff;      \
-  } while (0)
-#define set_uint32(cp,val)                      \
-  do {                                          \
-    uint32_t u32v = (v);                        \
-    *(((uint8_t*)(cp))+0) = s32 >> 24)&0xff;    \
-    *(((uint8_t*)(cp))+1) = s32 >> 16)&0xff;    \
-    *(((uint8_t*)(cp))+2) = s32 >> 8)&0xff;     \
-    *(((uint8_t*)(cp))+3) = s32 >> 0)&0xff;     \
-  } while (0)
-#endif
 #endif
 
-const char *hex_str(const char *from, int fromlen);
+const char *hex_str(const char *from, size_t fromlen);
 
 /** Generic resizeable array. */
 typedef struct smartlist_t smartlist_t;
@@ -182,9 +157,7 @@ int smartlist_split_string(smartlist_t *sl, const char *str, const char *sep,
 
 /* Map from const char * to void*. Implemented with a splay tree. */
 typedef struct strmap_t strmap_t;
-typedef struct strmap_entry_t strmap_entry_t;
-typedef struct strmap_entry_t strmap_iter_t;
-strmap_t* strmap_new(void);
+typedef struct strmap_entry_t strmap_entry_t; typedef struct strmap_entry_t strmap_iter_t; strmap_t* strmap_new(void);
 void* strmap_set(strmap_t *map, const char *key, void *val);
 void* strmap_get(strmap_t *map, const char *key);
 void* strmap_remove(strmap_t *map, const char *key);