more int to size_t conversions, fixing one or more amd64 bugs

plus a whitespace patch on config.c from vicman


svn:r2482

src/or/buffers.c

@@ -237,12 +237,12 @@ int read_to_buf_tls(tor_tls *tls, size_t at_most, buf_t *buf) {
  * from the buffer.  Return the number of bytes written on success,
  * -1 on failure.  Return 0 if write() would block.
  */
-int flush_buf(int s, buf_t *buf, int *buf_flushlen)
+int flush_buf(int s, buf_t *buf, size_t *buf_flushlen)
 {
   int write_result;
 
   assert_buf_ok(buf);
-  tor_assert(buf_flushlen && (s>=0) && ((unsigned)*buf_flushlen <= buf->datalen));
+  tor_assert(buf_flushlen && (s>=0) && (*buf_flushlen <= buf->datalen));
 
   if(*buf_flushlen == 0) /* nothing to flush */
     return 0;
@@ -266,7 +266,7 @@ int flush_buf(int s, buf_t *buf, int *buf_flushlen)
 
 /** As flush_buf, but writes data to a TLS connection.
  */
-int flush_buf_tls(tor_tls *tls, buf_t *buf, int *buf_flushlen)
+int flush_buf_tls(tor_tls *tls, buf_t *buf, size_t *buf_flushlen)
 {
   int r;
   assert_buf_ok(buf);
@@ -290,7 +290,7 @@ int flush_buf_tls(tor_tls *tls, buf_t *buf, int *buf_flushlen)
  *
  * Return the new length of the buffer on success, -1 on failure.
  */
-int write_to_buf(const char *string, int string_len, buf_t *buf) {
+int write_to_buf(const char *string, size_t string_len, buf_t *buf) {
 
   /* append string to buf (growing as needed, return -1 if "too big")
    * return total number of bytes on the buf
@@ -348,10 +348,10 @@ int fetch_from_buf(char *string, size_t string_len, buf_t *buf) {
  * Else, change nothing and return 0.
  */
 int fetch_from_buf_http(buf_t *buf,
-                        char **headers_out, int max_headerlen,
-                        char **body_out, int *body_used, int max_bodylen) {
+                        char **headers_out, size_t max_headerlen,
+                        char **body_out, size_t *body_used, size_t max_bodylen) {
   char *headers, *body, *p;
-  int headerlen, bodylen, contentlen;
+  size_t headerlen, bodylen, contentlen;
 
   assert_buf_ok(buf);
 
@@ -382,11 +382,13 @@ int fetch_from_buf_http(buf_t *buf,
 #define CONTENT_LENGTH "\r\nContent-Length: "
   p = strstr(headers, CONTENT_LENGTH);
   if (p) {
-    contentlen = atoi(p+strlen(CONTENT_LENGTH));
-    if (contentlen < 0) {
+    int i;
+    i = atoi(p+strlen(CONTENT_LENGTH));
+    if (i < 0) {
       log_fn(LOG_WARN, "Content-Length is less than zero; it looks like someone is trying to crash us.");
       return -1;
     }
+    contentlen = i;
     /* if content-length is malformed, then our body length is 0. fine. */
     log_fn(LOG_DEBUG,"Got a contentlen of %d.",contentlen);
     if(bodylen < contentlen) {

src/or/circuitbuild.c

@@ -350,7 +350,7 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
   int r;
   char payload[2+4+DIGEST_LEN+ONIONSKIN_CHALLENGE_LEN];
   char *onionskin;
-  int payload_len;
+  size_t payload_len;
 
   tor_assert(circ && CIRCUIT_IS_ORIGIN(circ));
 

src/or/connection.c

@@ -376,8 +376,10 @@ static int connection_create_listener(const char *bindaddress, uint16_t bindport
 static int connection_handle_listener_read(connection_t *conn, int new_type) {
   int news; /* the new socket */
   connection_t *newconn;
-  struct sockaddr_in remote; /* information about the remote peer when connecting to other routers */
-  int remotelen = sizeof(struct sockaddr_in); /* length of the remote address */
+  /* information about the remote peer when connecting to other routers */
+  struct sockaddr_in remote;
+  /* length of the remote address. Must be an int, since accept() needs that. */
+  int remotelen = sizeof(struct sockaddr_in);
 
   news = accept(conn->s,(struct sockaddr *)&remote,&remotelen);
   if (news == -1) { /* accept() error */
@@ -811,7 +813,7 @@ static int connection_read_to_buf(connection_t *conn) {
 }
 
 /** A pass-through to fetch_from_buf. */
-int connection_fetch_from_buf(char *string, int len, connection_t *conn) {
+int connection_fetch_from_buf(char *string, size_t len, connection_t *conn) {
   return fetch_from_buf(string, len, conn->inbuf);
 }
 
@@ -953,7 +955,7 @@ int connection_handle_write(connection_t *conn) {
 /** Append <b>len</b> bytes of <b>string</b> onto <b>conn</b>'s
  * outbuf, and ask it to start writing.
  */
-void connection_write_to_buf(const char *string, int len, connection_t *conn) {
+void connection_write_to_buf(const char *string, size_t len, connection_t *conn) {
 
   if(!len || conn->marked_for_close)
     return;

src/or/connection_edge.c

@@ -129,7 +129,7 @@ int
 connection_edge_end(connection_t *conn, char reason, crypt_path_t *cpath_layer)
 {
   char payload[5];
-  int payload_len=1;
+  size_t payload_len=1;
   circuit_t *circ;
 
   if(conn->has_sent_end) {
@@ -625,11 +625,11 @@ int connection_ap_make_bridge(char *address, uint16_t port) {
 
 void connection_ap_handshake_socks_resolved(connection_t *conn,
                                             int answer_type,
-                                            int answer_len,
+                                            size_t answer_len,
                                             const char *answer)
 {
   char buf[256];
-  int replylen;
+  size_t replylen;
 
   if (answer_type == RESOLVED_TYPE_IPV4) {
     uint32_t a = get_uint32(answer);
@@ -686,7 +686,7 @@ void connection_ap_handshake_socks_resolved(connection_t *conn,
  * Otherwise, send back a reply based on whether <b>success</b> is 1 or 0.
  */
 void connection_ap_handshake_socks_reply(connection_t *conn, char *reply,
-                                         int replylen, int success) {
+                                         size_t replylen, int success) {
   char buf[256];
 
   if(replylen) { /* we already have a reply in mind */

src/or/directory.c

@@ -28,21 +28,21 @@
 
 static void
 directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
-                                  const char *payload, int payload_len);
+                                  const char *payload, size_t payload_len);
 static void
 directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
-                      uint8_t purpose, const char *payload, int payload_len);
+                      uint8_t purpose, const char *payload, size_t payload_len);
 
 static void
 directory_initiate_command(const char *address, uint32_t addr, uint16_t port,
                            const char *platform,
                            const char *digest, uint8_t purpose,
-                           const char *payload, int payload_len);
+                           const char *payload, size_t payload_len);
 
 static void
 directory_send_command(connection_t *conn, const char *platform,
                        uint16_t dir_port, int purpose,
-                       const char *payload, int payload_len);
+                       const char *payload, size_t payload_len);
 static int directory_handle_command(connection_t *conn);
 
 /********* START VARIABLES **********/
@@ -71,7 +71,7 @@ char rend_fetch_url[] = "/tor/rendezvous/";
  */
 void
 directory_post_to_dirservers(uint8_t purpose, const char *payload,
-                             int payload_len)
+                             size_t payload_len)
 {
   int i;
   routerinfo_t *router;
@@ -97,7 +97,7 @@ directory_post_to_dirservers(uint8_t purpose, const char *payload,
  */
 void
 directory_get_from_dirserver(uint8_t purpose, const char *payload,
-                             int payload_len)
+                             size_t payload_len)
 {
   routerinfo_t *r = NULL;
   trusted_dir_server_t *ds = NULL;
@@ -139,7 +139,7 @@ directory_get_from_dirserver(uint8_t purpose, const char *payload,
  */
 static void
 directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
-                                  const char *payload, int payload_len)
+                                  const char *payload, size_t payload_len)
 {
   directory_initiate_command(router->address, router->addr, router->dir_port,
                              router->platform, router->identity_digest,
@@ -148,7 +148,7 @@ directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
 
 static void
 directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
-                      uint8_t purpose, const char *payload, int payload_len)
+                      uint8_t purpose, const char *payload, size_t payload_len)
 {
   directory_initiate_command(dirserv->address, dirserv->addr,dirserv->dir_port,
                         NULL, dirserv->digest, purpose, payload, payload_len);
@@ -158,7 +158,7 @@ static void
 directory_initiate_command(const char *address, uint32_t addr,
                            uint16_t dir_port, const char *platform,
                            const char *digest, uint8_t purpose,
-                           const char *payload, int payload_len)
+                           const char *payload, size_t payload_len)
 {
   connection_t *conn;
 
@@ -257,7 +257,7 @@ directory_initiate_command(const char *address, uint32_t addr,
 static void
 directory_send_command(connection_t *conn, const char *platform,
                        uint16_t dir_port, int purpose,
-                       const char *payload, int payload_len) {
+                       const char *payload, size_t payload_len) {
   char tmp[8192];
   char proxystring[128];
   char hoststring[128];
@@ -466,7 +466,7 @@ connection_dir_client_reached_eof(connection_t *conn)
 {
   char *body;
   char *headers;
-  int body_len=0;
+  size_t body_len=0;
   int status_code;
   time_t now, date_header=0;
   int delta;
@@ -512,7 +512,7 @@ connection_dir_client_reached_eof(connection_t *conn)
     }
     tor_free(body);
     body = new_body;
-    body_len = (int)new_len;
+    body_len = new_len;
   }
 
   if(conn->purpose == DIR_PURPOSE_FETCH_DIR) {
@@ -671,7 +671,7 @@ static char answer503[] = "HTTP/1.0 503 Directory unavailable\r\n\r\n";
  * Always return 0. */
 static int
 directory_handle_command_get(connection_t *conn, char *headers,
-                             char *body, int body_len)
+                             char *body, size_t body_len)
 {
   size_t dlen;
   const char *cp;
@@ -738,7 +738,7 @@ directory_handle_command_get(connection_t *conn, char *headers,
   if(!strcmpstart(url,"/tor/rendezvous/")) {
     /* rendezvous descriptor fetch */
     const char *descp;
-    int desc_len;
+    size_t desc_len;
 
     if(!authdir_mode()) {
       /* We don't hand out rend descs. In fact, it could be a security
@@ -755,7 +755,7 @@ directory_handle_command_get(connection_t *conn, char *headers,
         format_rfc1123_time(date, time(NULL));
         snprintf(tmp, sizeof(tmp), "HTTP/1.0 200 OK\r\nDate: %s\r\nContent-Length: %d\r\nContent-Type: application/octet-stream\r\n\r\n",
                  date,
-                 desc_len); /* can't include descp here, because it's got nuls */
+                 (int)desc_len); /* can't include descp here, because it's got nuls */
         connection_write_to_buf(tmp, strlen(tmp), conn);
         connection_write_to_buf(descp, desc_len, conn);
         break;
@@ -783,7 +783,7 @@ directory_handle_command_get(connection_t *conn, char *headers,
  * 400.  Always return 0. */
 static int
 directory_handle_command_post(connection_t *conn, char *headers,
-                                         char *body, int body_len)
+                                         char *body, size_t body_len)
 {
   const char *cp;
   char *url;
@@ -848,7 +848,7 @@ directory_handle_command_post(connection_t *conn, char *headers,
  */
 static int directory_handle_command(connection_t *conn) {
   char *headers=NULL, *body=NULL;
-  int body_len=0;
+  size_t body_len=0;
   int r;
 
   tor_assert(conn && conn->type == CONN_TYPE_DIR);
@@ -858,6 +858,7 @@ static int directory_handle_command(connection_t *conn) {
                              &body, &body_len, MAX_BODY_SIZE)) {
     case -1: /* overflow */
       log_fn(LOG_WARN,"input too large. Failing.");
+/*XXX009 needs a better warn message */
       return -1;
     case 0:
       log_fn(LOG_DEBUG,"command not all here yet.");

src/or/dirserv.c

@@ -468,7 +468,7 @@ list_running_servers(char **nicknames_out)
   connection_t *conn;
   char *cp;
   int i;
-  int length;
+  size_t length;
   smartlist_t *nicknames_up, *nicknames_down;
   char *name;
   const char *s;
@@ -554,7 +554,7 @@ dirserv_remove_old_servers(int age)
  * failure.
  */
 int
-dirserv_dump_directory_to_string(char *s, unsigned int maxlen,
+dirserv_dump_directory_to_string(char *s, size_t maxlen,
                                  crypto_pk_env_t *private_key)
 {
   char *cp, *eos;

src/or/dns.c

@@ -145,7 +145,7 @@ static void purge_expired_resolves(uint32_t now) {
 static void send_resolved_cell(connection_t *conn, uint8_t answer_type)
 {
   char buf[RELAY_PAYLOAD_SIZE];
-  int buflen;
+  size_t buflen;
 
   buf[0] = answer_type;
 

src/or/onion.c

@@ -55,7 +55,6 @@ int onion_pending_add(circuit_t *circ) {
   ol_tail->next = tmp;
   ol_tail = tmp;
   return 0;
-
 }
 
 /** Remove the first item from ol_list and return it, or return
@@ -192,7 +191,7 @@ onion_skin_server_handshake(char *onion_skin, /* ONIONSKIN_CHALLENGE_LEN bytes *
                             crypto_pk_env_t *prev_private_key,
                             char *handshake_reply_out, /* ONIONSKIN_REPLY_LEN bytes */
                             char *key_out,
-                            int key_out_len)
+                            size_t key_out_len)
 {
   char challenge[ONIONSKIN_CHALLENGE_LEN];
   crypto_dh_env_t *dh = NULL;
@@ -277,7 +276,7 @@ int
 onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
                             char *handshake_reply, /* Must be ONIONSKIN_REPLY_LEN bytes */
                             char *key_out,
-                            int key_out_len)
+                            size_t key_out_len)
 {
   int len;
   char *key_material=NULL;

src/or/or.h

@@ -913,7 +913,7 @@ typedef struct {
 struct socks_request_t {
   char socks_version; /**< Which version of SOCKS did the client use? */
   int command; /**< What has the user requested? One of CONNECT or RESOLVE. */
-  int replylen; /**< Length of <b>reply</b>. */
+  size_t replylen; /**< Length of <b>reply</b>. */
   char reply[MAX_SOCKS_REPLY_LEN]; /**< Write an entry into this string if
                                     * we want to specify our own socks reply,
                                     * rather than using the default socks4 or
@@ -941,14 +941,14 @@ const char *_buf_peek_raw_buffer(const buf_t *buf);
 int read_to_buf(int s, size_t at_most, buf_t *buf, int *reached_eof);
 int read_to_buf_tls(tor_tls *tls, size_t at_most, buf_t *buf);
 
-int flush_buf(int s, buf_t *buf, int *buf_flushlen);
-int flush_buf_tls(tor_tls *tls, buf_t *buf, int *buf_flushlen);
+int flush_buf(int s, buf_t *buf, size_t *buf_flushlen);
+int flush_buf_tls(tor_tls *tls, buf_t *buf, size_t *buf_flushlen);
 
-int write_to_buf(const char *string, int string_len, buf_t *buf);
+int write_to_buf(const char *string, size_t string_len, buf_t *buf);
 int fetch_from_buf(char *string, size_t string_len, buf_t *buf);
 int fetch_from_buf_http(buf_t *buf,
-                        char **headers_out, int max_headerlen,
-                        char **body_out, int *body_used, int max_bodylen);
+                        char **headers_out, size_t max_headerlen,
+                        char **body_out, size_t *body_used, size_t max_bodylen);
 int fetch_from_buf_socks(buf_t *buf, socks_request_t *req);
 
 void assert_buf_ok(buf_t *buf);
@@ -1083,12 +1083,12 @@ void connection_bucket_refill(struct timeval *now);
 
 int connection_handle_read(connection_t *conn);
 
-int connection_fetch_from_buf(char *string, int len, connection_t *conn);
+int connection_fetch_from_buf(char *string, size_t len, connection_t *conn);
 
 int connection_wants_to_flush(connection_t *conn);
 int connection_outbuf_too_full(connection_t *conn);
 int connection_handle_write(connection_t *conn);
-void connection_write_to_buf(const char *string, int len, connection_t *conn);
+void connection_write_to_buf(const char *string, size_t len, connection_t *conn);
 
 connection_t *connection_exact_get_by_addr_port(uint32_t addr, uint16_t port);
 connection_t *connection_get_by_identity_digest(const char *digest, int type);
@@ -1125,10 +1125,10 @@ int connection_ap_handshake_send_resolve(connection_t *ap_conn, circuit_t *circ)
 
 int connection_ap_make_bridge(char *address, uint16_t port);
 void connection_ap_handshake_socks_reply(connection_t *conn, char *reply,
-                                         int replylen, int success);
+                                         size_t replylen, int success);
 void connection_ap_handshake_socks_resolved(connection_t *conn,
                                             int answer_type,
-                                            int answer_len,
+                                            size_t answer_len,
                                             const char *answer);
 
 int connection_exit_begin_conn(cell_t *cell, circuit_t *circ);
@@ -1175,9 +1175,9 @@ int assign_to_cpuworker(connection_t *cpuworker, unsigned char question_type,
 /********************************* directory.c ***************************/
 
 void directory_post_to_dirservers(uint8_t purpose, const char *payload,
-                                  int payload_len);
+                                  size_t payload_len);
 void directory_get_from_dirserver(uint8_t purpose, const char *payload,
-                                  int payload_len);
+                                  size_t payload_len);
 int connection_dir_process_inbuf(connection_t *conn);
 int connection_dir_finished_flushing(connection_t *conn);
 int connection_dir_finished_connecting(connection_t *conn);
@@ -1254,12 +1254,12 @@ int onion_skin_server_handshake(char *onion_skin,
                                 crypto_pk_env_t *prev_private_key,
                                 char *handshake_reply_out,
                                 char *key_out,
-                                int key_out_len);
+                                size_t key_out_len);
 
 int onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
                              char *handshake_reply,
                              char *key_out,
-                             int key_out_len);
+                             size_t key_out_len);
 
 /********************************* relay.c ***************************/
 
@@ -1273,7 +1273,7 @@ void relay_header_pack(char *dest, const relay_header_t *src);
 void relay_header_unpack(relay_header_t *dest, const char *src);
 int connection_edge_send_command(connection_t *fromconn, circuit_t *circ,
                                  int relay_command, const char *payload,
-                                 int payload_len, crypt_path_t *cpath_layer);
+                                 size_t payload_len, crypt_path_t *cpath_layer);
 int connection_edge_package_raw_inbuf(connection_t *conn);
 void connection_edge_consider_sending_sendme(connection_t *conn);
 
@@ -1302,11 +1302,11 @@ char *rep_hist_get_bandwidth_lines(void);
 
 void rend_client_introcirc_has_opened(circuit_t *circ);
 void rend_client_rendcirc_has_opened(circuit_t *circ);
-int rend_client_introduction_acked(circuit_t *circ, const char *request, int request_len);
+int rend_client_introduction_acked(circuit_t *circ, const char *request, size_t request_len);
 void rend_client_refetch_renddesc(const char *query);
 int rend_client_remove_intro_point(char *failed_intro, const char *query);
-int rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_len);
-int rend_client_receive_rendezvous(circuit_t *circ, const char *request, int request_len);
+int rend_client_rendezvous_acked(circuit_t *circ, const char *request, size_t request_len);
+int rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t request_len);
 void rend_client_desc_fetched(char *query, int success);
 
 char *rend_client_get_random_intro(char *query);
@@ -1325,19 +1325,19 @@ typedef struct rend_service_descriptor_t {
 
 int rend_cmp_service_ids(const char *one, const char *two);
 
-void rend_process_relay_cell(circuit_t *circ, int command, int length,
+void rend_process_relay_cell(circuit_t *circ, int command, size_t length,
                              const char *payload);
 
 void rend_service_descriptor_free(rend_service_descriptor_t *desc);
 int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
                                    crypto_pk_env_t *key,
                                    char **str_out,
-                                   int *len_out);
-rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, int len);
+                                   size_t *len_out);
+rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, size_t len);
 int rend_get_service_id(crypto_pk_env_t *pk, char *out);
 
 typedef struct rend_cache_entry_t {
-  int len; /* Length of desc */
+  size_t len; /* Length of desc */
   time_t received; /* When did we get the descriptor? */
   char *desc; /* Service descriptor */
   rend_service_descriptor_t *parsed; /* Parsed value of 'desc' */
@@ -1346,9 +1346,9 @@ typedef struct rend_cache_entry_t {
 void rend_cache_init(void);
 void rend_cache_clean(void);
 int rend_valid_service_id(const char *query);
-int rend_cache_lookup_desc(const char *query, const char **desc, int *desc_len);
+int rend_cache_lookup_desc(const char *query, const char **desc, size_t *desc_len);
 int rend_cache_lookup_entry(const char *query, rend_cache_entry_t **entry_out);
-int rend_cache_store(const char *desc, int desc_len);
+int rend_cache_store(const char *desc, size_t desc_len);
 
 /********************************* rendservice.c ***************************/
 
@@ -1359,18 +1359,18 @@ void rend_services_introduce(void);
 void rend_services_upload(int force);
 
 void rend_service_intro_has_opened(circuit_t *circuit);
-int rend_service_intro_established(circuit_t *circuit, const char *request, int request_len);
+int rend_service_intro_established(circuit_t *circuit, const char *request, size_t request_len);
 void rend_service_rendezvous_has_opened(circuit_t *circuit);
-int rend_service_introduce(circuit_t *circuit, const char *request, int request_len);
+int rend_service_introduce(circuit_t *circuit, const char *request, size_t request_len);
 void rend_service_relaunch_rendezvous(circuit_t *oldcirc);
 int rend_service_set_connection_addr_port(connection_t *conn, circuit_t *circ);
 void rend_service_dump_stats(int severity);
 
 /********************************* rendmid.c *******************************/
-int rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len);
-int rend_mid_introduce(circuit_t *circ, const char *request, int request_len);
-int rend_mid_establish_rendezvous(circuit_t *circ, const char *request, int request_len);
-int rend_mid_rendezvous(circuit_t *circ, const char *request, int request_len);
+int rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_len);
+int rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len);
+int rend_mid_establish_rendezvous(circuit_t *circ, const char *request, size_t request_len);
+int rend_mid_rendezvous(circuit_t *circ, const char *request, size_t request_len);
 
 /********************************* router.c ***************************/
 
@@ -1395,7 +1395,7 @@ routerinfo_t *router_get_my_routerinfo(void);
 const char *router_get_my_descriptor(void);
 int router_is_me(routerinfo_t *router);
 int router_rebuild_descriptor(void);
-int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
+int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
                                  crypto_pk_env_t *ident_key);
 int is_legal_nickname(const char *s);
 int is_legal_nickname_or_hexdigest(const char *s);

src/or/relay.c

@@ -404,7 +404,7 @@ void relay_header_unpack(relay_header_t *dest, const char *src) {
  */
 int connection_edge_send_command(connection_t *fromconn, circuit_t *circ,
                                  int relay_command, const char *payload,
-                                 int payload_len, crypt_path_t *cpath_layer) {
+                                 size_t payload_len, crypt_path_t *cpath_layer) {
   cell_t cell;
   relay_header_t rh;
   int cell_direction;
@@ -853,7 +853,7 @@ uint64_t stats_n_data_bytes_received = 0;
  * Return -1 if conn should be marked for close, else return 0.
  */
 int connection_edge_package_raw_inbuf(connection_t *conn) {
-  int amount_to_process, length;
+  size_t amount_to_process, length;
   char payload[CELL_PAYLOAD_SIZE];
   circuit_t *circ;
 

src/or/rendclient.c

@@ -52,7 +52,8 @@ rend_client_send_establish_rendezvous(circuit_t *circ)
  */
 int
 rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
-  int payload_len, r;
+  size_t payload_len;
+  int r;
   char payload[RELAY_PAYLOAD_SIZE];
   char tmp[(MAX_NICKNAME_LEN+1)+REND_COOKIE_LEN+DH_KEY_LEN];
   rend_cache_entry_t *entry;
@@ -152,7 +153,7 @@ rend_client_rendcirc_has_opened(circuit_t *circ)
  */
 int
 rend_client_introduction_acked(circuit_t *circ,
-                               const char *request, int request_len)
+                               const char *request, size_t request_len)
 {
   char *nickname;
   circuit_t *rendcirc;
@@ -280,7 +281,7 @@ rend_client_remove_intro_point(char *failed_intro, const char *query)
  * the circuit to C_REND_READY.
  */
 int
-rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_len)
+rend_client_rendezvous_acked(circuit_t *circ, const char *request, size_t request_len)
 {
   /* we just got an ack for our establish-rendezvous. switch purposes. */
   if(circ->purpose != CIRCUIT_PURPOSE_C_ESTABLISH_REND) {
@@ -295,7 +296,7 @@ rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_l
 
 /** Bob sent us a rendezvous cell; join the circuits. */
 int
-rend_client_receive_rendezvous(circuit_t *circ, const char *request, int request_len)
+rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t request_len)
 {
   crypt_path_t *hop;
   char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN];

src/or/rendcommon.c

@@ -39,17 +39,19 @@ void rend_service_descriptor_free(rend_service_descriptor_t *desc)
 int
 rend_encode_service_descriptor(rend_service_descriptor_t *desc,
                                crypto_pk_env_t *key,
-                               char **str_out, int *len_out)
+                               char **str_out, size_t *len_out)
 {
   char *buf, *cp, *ipoint;
-  int i, keylen, asn1len;
+  int i;
+  size_t keylen, asn1len;
   keylen = crypto_pk_keysize(desc->pk);
   buf = tor_malloc(keylen*2); /* Too long, but that's okay. */
-  asn1len = crypto_pk_asn1_encode(desc->pk, buf, keylen*2);
-  if (asn1len<0) {
+  i = crypto_pk_asn1_encode(desc->pk, buf, keylen*2);
+  if (i<0) {
     tor_free(buf);
     return -1;
   }
+  asn1len = i;
   *len_out = 2 + asn1len + 4 + 2 + keylen;
   for (i = 0; i < desc->n_intro_points; ++i) {
     *len_out += strlen(desc->intro_points[i]) + 1;
@@ -75,7 +77,7 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
     return -1;
   }
   cp += i;
-  tor_assert(*len_out == (cp-*str_out));
+  tor_assert(*len_out == (size_t)(cp-*str_out));
   return 0;
 }
 
@@ -84,10 +86,11 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
  * return NULL.
  */
 rend_service_descriptor_t *rend_parse_service_descriptor(
-                           const char *str, int len)
+                           const char *str, size_t len)
 {
   rend_service_descriptor_t *result = NULL;
-  int keylen, asn1len, i;
+  int i;
+  size_t keylen, asn1len;
   const char *end, *cp, *eos;
 
   result = tor_malloc_zero(sizeof(rend_service_descriptor_t));
@@ -96,7 +99,7 @@ rend_service_descriptor_t *rend_parse_service_descriptor(
   if (end-cp < 2) goto truncated;
   asn1len = ntohs(get_uint16(cp));
   cp += 2;
-  if (end-cp < asn1len) goto truncated;
+  if ((size_t)(end-cp) < asn1len) goto truncated;
   result->pk = crypto_pk_asn1_decode(cp, asn1len);
   if (!result->pk) goto truncated;
   cp += asn1len;
@@ -115,8 +118,9 @@ rend_service_descriptor_t *rend_parse_service_descriptor(
     cp = eos+1;
   }
   keylen = crypto_pk_keysize(result->pk);
-  if (end-cp < keylen) goto truncated;
-  if (end-cp > keylen) {
+  tor_assert(end-cp >= 0);
+  if ((size_t)(end-cp) < keylen) goto truncated;
+  if ((size_t)(end-cp) > keylen) {
     log_fn(LOG_WARN, "Signature too long on service descriptor");
     goto error;
   }
@@ -224,7 +228,7 @@ int rend_cache_lookup_entry(const char *query, rend_cache_entry_t **e)
  * Note: calls to rend_cache_clean or rend_cache_store may invalidate
  * *desc.
  */
-int rend_cache_lookup_desc(const char *query, const char **desc, int *desc_len)
+int rend_cache_lookup_desc(const char *query, const char **desc, size_t *desc_len)
 {
   rend_cache_entry_t *e;
   int r;
@@ -240,7 +244,7 @@ int rend_cache_lookup_desc(const char *query, const char **desc, int *desc_len)
  * If we have an older descriptor with the same ID, replace it.
  * Returns -1 if it's malformed or otherwise rejected, else return 0.
  */
-int rend_cache_store(const char *desc, int desc_len)
+int rend_cache_store(const char *desc, size_t desc_len)
 {
   rend_cache_entry_t *e;
   rend_service_descriptor_t *parsed;
@@ -299,7 +303,7 @@ int rend_cache_store(const char *desc, int desc_len)
 
 /** Called when we get a rendezvous-related relay cell on circuit
  * <b>circ</b>.  Dispatch on rendezvous relay command. */
-void rend_process_relay_cell(circuit_t *circ, int command, int length,
+void rend_process_relay_cell(circuit_t *circ, int command, size_t length,
                              const char *payload)
 {
   int r;

src/or/rendmid.c

@@ -13,13 +13,13 @@
  * setting the circuit's purpose and service pk digest.
  */
 int
-rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
+rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_len)
 {
   crypto_pk_env_t *pk = NULL;
   char buf[DIGEST_LEN+9];
   char expected_digest[DIGEST_LEN];
   char pk_digest[DIGEST_LEN];
-  int asn1len;
+  size_t asn1len;
   circuit_t *c;
   char serviceid[REND_SERVICE_ID_LEN+1];
 
@@ -110,7 +110,7 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
  * INTRODUCE2 cell.
  */
 int
-rend_mid_introduce(circuit_t *circ, const char *request, int request_len)
+rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
 {
   circuit_t *intro_circ;
   char serviceid[REND_SERVICE_ID_LEN+1];
@@ -177,7 +177,7 @@ rend_mid_introduce(circuit_t *circ, const char *request, int request_len)
  * rendezvous cookie.
  */
 int
-rend_mid_establish_rendezvous(circuit_t *circ, const char *request, int request_len)
+rend_mid_establish_rendezvous(circuit_t *circ, const char *request, size_t request_len)
 {
   char hexid[9];
 
@@ -224,7 +224,7 @@ rend_mid_establish_rendezvous(circuit_t *circ, const char *request, int request_
  * connecting the two circuits.
  */
 int
-rend_mid_rendezvous(circuit_t *circ, const char *request, int request_len)
+rend_mid_rendezvous(circuit_t *circ, const char *request, size_t request_len)
 {
   circuit_t *rend_circ;
   char hexid[9];

src/or/rendservice.c

@@ -335,20 +335,21 @@ rend_service_get_by_pk_digest(const char* digest)
  * rendezvous points.
  */
 int
-rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
+rend_service_introduce(circuit_t *circuit, const char *request, size_t request_len)
 {
   char *ptr, *rp_nickname, *r_cookie;
   char buf[RELAY_PAYLOAD_SIZE];
   char keys[DIGEST_LEN+CPATH_KEY_MATERIAL_LEN]; /* Holds KH, Df, Db, Kf, Kb */
   rend_service_t *service;
-  int len, keylen;
+  int r;
+  size_t len, keylen;
   crypto_dh_env_t *dh = NULL;
   circuit_t *launched = NULL;
   crypt_path_t *cpath = NULL;
   char serviceid[REND_SERVICE_ID_LEN+1];
   char hexcookie[9];
   int version;
-  int nickname_field_len;
+  size_t nickname_field_len;
 
   base32_encode(serviceid, REND_SERVICE_ID_LEN+1,
                 circuit->rend_pk_digest,10);
@@ -389,13 +390,14 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
     return -1;
   }
   /* Next N bytes is encrypted with service key */
-  len = crypto_pk_private_hybrid_decrypt(
+  r = crypto_pk_private_hybrid_decrypt(
        service->private_key,request+DIGEST_LEN,request_len-DIGEST_LEN,buf,
        PK_PKCS1_OAEP_PADDING,1);
-  if (len<0) {
+  if (r<0) {
     log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
     return -1;
   }
+  len = r;
   if (*buf == 1) {
     rp_nickname = buf+1;
     nickname_field_len = HEX_DIGEST_LEN+2;
@@ -420,7 +422,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
   ptr = rp_nickname+nickname_field_len;
   len -= nickname_field_len;
   if (len != REND_COOKIE_LEN+DH_KEY_LEN) {
-    log_fn(LOG_WARN, "Bad length for INTRODUCE2 cell.");
+    log_fn(LOG_WARN, "Bad length %u for INTRODUCE2 cell.", len);
     return -1;
   }
   r_cookie = ptr;
@@ -547,7 +549,8 @@ void
 rend_service_intro_has_opened(circuit_t *circuit)
 {
   rend_service_t *service;
-  int len, r;
+  size_t len;
+  int r;
   char buf[RELAY_PAYLOAD_SIZE];
   char auth[DIGEST_LEN + 9];
   char serviceid[REND_SERVICE_ID_LEN+1];
@@ -603,7 +606,7 @@ rend_service_intro_has_opened(circuit_t *circuit)
  * live introduction point, and note that the service descriptor is
  * now out-of-date.*/
 int
-rend_service_intro_established(circuit_t *circuit, const char *request, int request_len)
+rend_service_intro_established(circuit_t *circuit, const char *request, size_t request_len)
 {
   rend_service_t *service;
 
@@ -741,7 +744,7 @@ static void
 upload_service_descriptor(rend_service_t *service)
 {
   char *desc;
-  int desc_len;
+  size_t desc_len;
   if (!service->desc_is_dirty)
     return;
 

src/or/rephist.c

@@ -236,7 +236,7 @@ void rep_hist_dump_stats(time_t now, int severity)
   void *or_history_p, *link_history_p;
   double uptime;
   char buffer[2048];
-  int len;
+  size_t len;
   unsigned long upt, downt;
   routerinfo_t *r;
 
@@ -279,6 +279,7 @@ void rep_hist_dump_stats(time_t now, int severity)
           name2 = "(unknown)";
 
         link_history = (link_history_t*) link_history_p;
+/* XXX009 snprintf can return -1 for error also. need to detect. */
         len += snprintf(buffer+len, 2048-len, "%s(%ld/%ld); ", name2,
                         link_history->n_extend_ok,
                         link_history->n_extend_ok+link_history->n_extend_fail);

src/or/router.c

@@ -13,7 +13,7 @@
 extern or_options_t options; /* command-line and config-file options */
 extern long stats_n_seconds_uptime;
 
-/** Exposed for test.c. */ void get_platform_str(char *platform, int len);
+/** Exposed for test.c. */ void get_platform_str(char *platform, size_t len);
 
 /************************************************************/
 
@@ -571,7 +571,7 @@ int router_rebuild_descriptor(void) {
  * string describing the version of Tor and the operating system we're
  * currently running on.
  */
-void get_platform_str(char *platform, int len)
+void get_platform_str(char *platform, size_t len)
 {
   snprintf(platform, len-1, "Tor %s on %s",
            VERSION, get_uname());
@@ -590,7 +590,7 @@ void get_platform_str(char *platform, int len)
  * result into <b>s</b>, using at most <b>maxlen</b> bytes.  Return -1 on
  * failure, and the number of bytes used on success.
  */
-int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
+int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
                                  crypto_pk_env_t *ident_key) {
   char *onion_pkey; /* Onion key, PEM-encoded. */
   char *identity_pkey; /* Identity key, PEM-encoded. */
@@ -599,8 +599,8 @@ int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
   char published[32];
   char fingerprint[FINGERPRINT_LEN+1];
   struct in_addr in;
-  int onion_pkeylen, identity_pkeylen;
-  int written;
+  size_t onion_pkeylen, identity_pkeylen;
+  size_t written;
   int result=0;
   struct exit_policy_t *tmpe;
   char *bandwidth_usage;
@@ -675,7 +675,7 @@ int router_dump_router_to_string(char *s, int maxlen, routerinfo_t *router,
   tor_free(identity_pkey);
   tor_free(bandwidth_usage);
 
-  if(result < 0 || result >= maxlen) {
+  if(result < 0 || (size_t)result >= maxlen) {
     /* apparently different glibcs do different things on snprintf error.. so check both */
     return -1;
   }

src/or/routerlist.c

@@ -1067,7 +1067,7 @@ int router_update_status_from_smartlist(routerinfo_t *router,
   const char *name;
 #if 1
   char *cp;
-  int n;
+  size_t n;
   n = 0;
   for (i=0; i<smartlist_len(running_list); ++i) {
     name = smartlist_get(running_list, i);

src/or/routerparse.c

@@ -59,7 +59,7 @@ typedef struct directory_token_t {
   int n_args;                  /**< Number of elements in args */
   char **args;                 /**< Array of arguments from keyword line. */
   char *object_type;           /**< -----BEGIN [object_type]-----*/
-  int object_size;             /**< Bytes in object_body */
+  size_t object_size;             /**< Bytes in object_body */
   char *object_body;           /**< Contents of object, base64-decoded. */
   crypto_pk_env_t *key;        /**< For public keys only. */
   char *error;                 /**< For _ERR tokens only. */
@@ -173,7 +173,7 @@ get_recommended_software_from_directory(const char *str)
 {
 #define REC "recommended-software "
   const char *cp = str, *eol;
-  int len = strlen(REC);
+  size_t len = strlen(REC);
   cp = str;
   if (strcmpstart(str, REC)==0) {
     cp += len;
@@ -611,7 +611,6 @@ static int check_directory_signature(const char *digest,
   char signed_digest[PK_BYTES];
   routerinfo_t *r;
   crypto_pk_env_t *_pkey = NULL;
-  
 
   if (tok->n_args != 1) {
     log_fn(LOG_WARN, "Too many or too few arguments to directory-signature");
@@ -621,7 +620,7 @@ static int check_directory_signature(const char *digest,
   if (declared_key) {
     if (dir_signing_key_is_trusted(declared_key))
       _pkey = declared_key;
-  } 
+  }
   if (!_pkey) {
     r = router_get_by_nickname(tok->args[0]);
     log_fn(LOG_DEBUG, "Got directory signed by %s", tok->args[0]);
@@ -661,7 +660,6 @@ static int check_directory_signature(const char *digest,
   return 0;
 }
 
-
 /** Given a string *<b>s</b> containing a concatenated sequence of router
  * descriptors, parses them and stores the result in *<b>dest</b>.  If
  * good_nickname_list is provided, then routers are marked as
@@ -941,7 +939,8 @@ router_parse_exit_policy_from_string(const char *s)
   const char *cp;
   char *tmp;
   struct exit_policy_t *r;
-  int len, idx;
+  size_t len;
+  int idx;
 
   /* *s might not end with \n, so we need to extend it with one. */
   len = strlen(s);
@@ -1122,7 +1121,6 @@ policy_read_failed:
  * Low-level tokenizer for router descriptors and directories.
  */
 
-
 /** Free all resources allocated for <b>tok</b> */
 static void
 token_free(directory_token_t *tok)

src/or/test.c

@@ -22,14 +22,15 @@ int have_failed = 0;
 
 /* These functions are file-local, but are exposed so we can test. */
 void add_fingerprint_to_dir(const char *nickname, const char *fp);
-void get_platform_str(char *platform, int len);
+void get_platform_str(char *platform, size_t len);
 
 void
-dump_hex(char *s, int len)
+dump_hex(char *s, size_t len)
 {
   static const char TABLE[] = "0123456789ABCDEF";
   unsigned char *d = s;
-  int i, j, nyb;
+  size_t i;
+  int j, nyb;
   for(i=0;i<len;++i) {
     for (j=1;j>=0;--j) {
       nyb = (((int) d[i]) >> (j*4)) & 0x0f;
@@ -263,6 +264,7 @@ test_crypto()
   crypto_pk_env_t *pk1, *pk2;
   char *data1, *data2, *data3, *cp;
   int i, j, p, len;
+  int size;
 
   data1 = tor_malloc(1024);
   data2 = tor_malloc(1024);
@@ -362,8 +364,8 @@ test_crypto()
   pk2 = crypto_new_pk_env();
   test_assert(pk1 && pk2);
   test_assert(! crypto_pk_generate_key(pk1));
-  test_assert(! crypto_pk_write_public_key_to_string(pk1, &cp, &i));
-  test_assert(! crypto_pk_read_public_key_from_string(pk2, cp, i));
+  test_assert(! crypto_pk_write_public_key_to_string(pk1, &cp, &size));
+  test_assert(! crypto_pk_read_public_key_from_string(pk2, cp, size));
   test_eq(0, crypto_pk_cmp_keys(pk1, pk2));
   tor_free(cp);
 
@@ -860,7 +862,7 @@ test_dir_format()
   char platform[256];
   char fingerprint[FINGERPRINT_LEN+1];
   char *pk1_str = NULL, *pk2_str = NULL, *pk3_str = NULL, *cp;
-  int pk1_str_len, pk2_str_len, pk3_str_len;
+  size_t pk1_str_len, pk2_str_len, pk3_str_len;
   routerinfo_t r1, r2;
   crypto_pk_env_t *pk1 = NULL, *pk2 = NULL, *pk3 = NULL;
   routerinfo_t *rp1 = NULL, *rp2 = NULL;