r14374@tombo: nickm | 2008-02-21 16:57:39 -0500

 Fix all remaining shorten-64-to-32 errors in src/common.  Some were genuine problems.  Many were compatibility errors with libraries (openssl, zlib) that like predate size_t.  Partial backport candidate.


svn:r13665

src/common/compat.c

@@ -1112,7 +1112,7 @@ tor_inet_pton(int af, const char *src, void *dst)
         return 0;
       if (TOR_ISXDIGIT(*src)) {
         char *next;
-        int r = strtol(src, &next, 16);
+        long r = strtol(src, &next, 16);
         if (next > 4+src)
           return 0;
         if (next == src)

src/common/crypto.c

@@ -816,8 +816,8 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
                                 size_t fromlen,
                                 int padding, int force)
 {
-  int overhead, outlen, r, symlen;
-  size_t pkeylen;
+  int overhead, outlen, r;
+  size_t pkeylen, symlen;
   crypto_cipher_env_t *cipher = NULL;
   char *buf = NULL;
 
@@ -867,7 +867,8 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
   memset(buf, 0, pkeylen);
   tor_free(buf);
   crypto_free_cipher_env(cipher);
-  return outlen + symlen;
+  tor_assert(outlen+symlen < INT_MAX);
+  return (int)(outlen + symlen);
  err:
   if (buf) {
     memset(buf, 0, pkeylen);
@@ -921,7 +922,8 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
   memset(buf,0,pkeylen);
   tor_free(buf);
   crypto_free_cipher_env(cipher);
-  return outlen + (fromlen-pkeylen);
+  tor_assert(outlen + fromlen < INT_MAX);
+  return (int)(outlen + (fromlen-pkeylen));
  err:
   memset(buf,0,pkeylen);
   tor_free(buf);
@@ -1211,6 +1213,7 @@ crypto_cipher_encrypt_with_iv(crypto_cipher_env_t *cipher,
   tor_assert(cipher);
   tor_assert(from);
   tor_assert(to);
+  tor_assert(fromlen < INT_MAX);
 
   if (fromlen < 1)
     return -1;
@@ -1221,7 +1224,7 @@ crypto_cipher_encrypt_with_iv(crypto_cipher_env_t *cipher,
   if (crypto_cipher_set_iv(cipher, to)<0)
     return -1;
   crypto_cipher_encrypt(cipher, to+CIPHER_IV_LEN, from, fromlen);
-  return fromlen + CIPHER_IV_LEN;
+  return (int)(fromlen + CIPHER_IV_LEN);
 }
 
 /** Decrypt <b>fromlen</b> bytes (at least 1+CIPHER_IV_LEN) from <b>from</b>
@@ -1241,6 +1244,7 @@ crypto_cipher_decrypt_with_iv(crypto_cipher_env_t *cipher,
   tor_assert(cipher);
   tor_assert(from);
   tor_assert(to);
+  tor_assert(fromlen < INT_MAX);
 
   if (fromlen <= CIPHER_IV_LEN)
     return -1;
@@ -1250,7 +1254,7 @@ crypto_cipher_decrypt_with_iv(crypto_cipher_env_t *cipher,
   if (crypto_cipher_set_iv(cipher, from)<0)
     return -1;
   crypto_cipher_encrypt(cipher, to, from+CIPHER_IV_LEN, fromlen-CIPHER_IV_LEN);
-  return fromlen - CIPHER_IV_LEN;
+  return (int)(fromlen - CIPHER_IV_LEN);
 }
 
 /* SHA-1 */
@@ -1362,7 +1366,9 @@ crypto_hmac_sha1(char *hmac_out,
                  const char *key, size_t key_len,
                  const char *msg, size_t msg_len)
 {
-  HMAC(EVP_sha1(), key, key_len, (unsigned char*)msg, msg_len,
+  tor_assert(key_len < INT_MAX);
+  tor_assert(msg_len < INT_MAX);
+  HMAC(EVP_sha1(), key, (int)key_len, (unsigned char*)msg, (int)msg_len,
        (unsigned char*)hmac_out, NULL);
 }
 
@@ -1548,7 +1554,7 @@ tor_check_dh_key(BIGNUM *bn)
  *         SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
  * where || is concatenation.)
  */
-int
+ssize_t
 crypto_dh_compute_secret(crypto_dh_env_t *dh,
                          const char *pubkey, size_t pubkey_len,
                          char *secret_out, size_t secret_bytes_out)
@@ -1559,8 +1565,10 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
   int result=0;
   tor_assert(dh);
   tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
+  tor_assert(pubkey_len < INT_MAX);
 
-  if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey, pubkey_len, NULL)))
+  if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey,
+                              (int)pubkey_len, NULL)))
     goto error;
   if (tor_check_dh_key(pubkey_bn)<0) {
     /* Check for invalid public keys. */
@@ -1721,10 +1729,11 @@ crypto_seed_rng(void)
     close(fd);
     if (n != sizeof(buf)) {
       log_warn(LD_CRYPTO,
-               "Error reading from entropy source (read only %d bytes).", n);
+               "Error reading from entropy source (read only %lu bytes).",
+               (unsigned long)n);
       return -1;
     }
-    RAND_seed(buf, sizeof(buf));
+    RAND_seed(buf, (int)sizeof(buf));
     memset(buf, 0, sizeof(buf));
     return 0;
   }
@@ -1741,8 +1750,9 @@ int
 crypto_rand(char *to, size_t n)
 {
   int r;
+  tor_assert(n < INT_MAX);
   tor_assert(to);
-  r = RAND_bytes((unsigned char*)to, n);
+  r = RAND_bytes((unsigned char*)to, (int)n);
   if (r == 0)
     crypto_log_errors(LOG_WARN, "generating random data");
   return (r == 1) ? 0 : -1;
@@ -1801,7 +1811,8 @@ crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix,
                        const char *suffix)
 {
   char *result, *rand_bytes;
-  int randlen, resultlen, rand_bytes_len, prefixlen;
+  int randlen, rand_bytes_len;
+  size_t resultlen, prefixlen;
 
   tor_assert(max_rand_len >= min_rand_len);
   randlen = min_rand_len + crypto_rand_int(max_rand_len - min_rand_len + 1);
@@ -1829,8 +1840,7 @@ crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix,
 void *
 smartlist_choose(const smartlist_t *sl)
 {
-  size_t len;
-  len = smartlist_len(sl);
+  int len = smartlist_len(sl);
   if (len)
     return smartlist_get(sl,crypto_rand_int(len));
   return NULL; /* no elements to choose from */
@@ -1863,6 +1873,7 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
    * it ever shows up in the profile. */
   EVP_ENCODE_CTX ctx;
   int len, ret;
+  tor_assert(srclen < INT_MAX);
 
   /* 48 bytes of input -> 64 bytes of output plus newline.
      Plus one more byte, in case I'm wrong.
@@ -1874,7 +1885,7 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
 
   EVP_EncodeInit(&ctx);
   EVP_EncodeUpdate(&ctx, (unsigned char*)dest, &len,
-                   (unsigned char*)src, srclen);
+                   (unsigned char*)src, (int)srclen);
   EVP_EncodeFinal(&ctx, (unsigned char*)(dest+len), &ret);
   ret += len;
   return ret;
@@ -2004,8 +2015,9 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
   }
 
   tor_assert((dest-dest_orig) <= (ssize_t)destlen);
+  tor_assert((dest-dest_orig) <= INT_MAX);
 
-  return dest-dest_orig;
+  return (int)(dest-dest_orig);
 #endif
 }
 #undef X
@@ -2056,8 +2068,8 @@ digest_from_base64(char *digest, const char *d64)
 void
 base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
-  unsigned int nbits, i, bit, v, u;
-  nbits = srclen * 8;
+  unsigned int i, bit, v, u;
+  size_t nbits = srclen * 8;
 
   tor_assert((nbits%5) == 0); /* We need an even multiple of 5 bits. */
   tor_assert((nbits/5)+1 <= destlen); /* We need enough space. */
@@ -2082,7 +2094,8 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
 {
   /* XXXX we might want to rewrite this along the lines of base64_decode, if
    * it ever shows up in the profile. */
-  unsigned int nbits, i, j, bit;
+  unsigned int i, j, bit;
+  size_t nbits;
   char *tmp;
   nbits = srclen * 5;
 

src/common/crypto.h

@@ -158,7 +158,7 @@ int crypto_dh_get_bytes(crypto_dh_env_t *dh);
 int crypto_dh_generate_public(crypto_dh_env_t *dh);
 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
                          size_t pubkey_out_len);
-int crypto_dh_compute_secret(crypto_dh_env_t *dh,
+ssize_t crypto_dh_compute_secret(crypto_dh_env_t *dh,
                              const char *pubkey, size_t pubkey_len,
                              char *secret_out, size_t secret_out_len);
 void crypto_dh_free(crypto_dh_env_t *dh);

src/common/ht.h

@@ -90,7 +90,8 @@ ht_string_hash(const char *s)
   while (*cp) {
     h = (1000003*h) ^ *cp++;
   }
-  h ^= (cp-(const unsigned char*)s);
+  /* This conversion truncates the length of the string, but that's ok. */
+  h ^= (unsigned)(cp-(const unsigned char*)s);
   return h;
 }
 
@@ -287,7 +288,7 @@ ht_string_hash(const char *s)
     805306457, 1610612741                                               \
   };                                                                    \
   static unsigned name##_N_PRIMES =                                     \
-    sizeof(name##_PRIMES)/sizeof(name##_PRIMES[0]);                     \
+    (unsigned)(sizeof(name##_PRIMES)/sizeof(name##_PRIMES[0]));         \
   /* Expand the internal table of 'head' until it is large enough to    \
    * hold 'size' elements.  Return 0 on success, -1 on allocation       \
    * failure. */                                                        \

src/common/mempool.c

@@ -358,7 +358,7 @@ mp_pool_t *
 mp_pool_new(size_t item_size, size_t chunk_capacity)
 {
   mp_pool_t *pool;
-  size_t alloc_size;
+  size_t alloc_size, new_chunk_cap;
 
   pool = ALLOC(sizeof(mp_pool_t));
   CHECK_ALLOC(pool);
@@ -393,7 +393,10 @@ mp_pool_new(size_t item_size, size_t chunk_capacity)
   if (chunk_capacity < MIN_CHUNK)
     chunk_capacity = MIN_CHUNK;
 
-  pool->new_chunk_capacity = (chunk_capacity-CHUNK_OVERHEAD) / alloc_size;
+  new_chunk_cap = (chunk_capacity-CHUNK_OVERHEAD) / alloc_size;
+  tor_assert(new_chunk_cap < INT_MAX);
+  pool->new_chunk_capacity = (int)new_chunk_cap;
+
   pool->item_alloc_size = alloc_size;
 
   log_debug(LD_MM, "Capacity is %lu, item size is %lu, alloc size is %lu",

src/common/torgzip.c

@@ -77,6 +77,7 @@ tor_gzip_compress(char **out, size_t *out_len,
   tor_assert(out);
   tor_assert(out_len);
   tor_assert(in);
+  tor_assert(in_len < UINT_MAX);
 
   if (method == GZIP_METHOD && !is_gzip_supported()) {
     /* Old zlib version don't support gzip in deflateInit2 */
@@ -91,7 +92,7 @@ tor_gzip_compress(char **out, size_t *out_len,
   stream->zfree = Z_NULL;
   stream->opaque = NULL;
   stream->next_in = (unsigned char*) in;
-  stream->avail_in = in_len;
+  stream->avail_in = (unsigned int)in_len;
 
   if (deflateInit2(stream, Z_BEST_COMPRESSION, Z_DEFLATED,
                    method_bits(method),
@@ -106,7 +107,7 @@ tor_gzip_compress(char **out, size_t *out_len,
   if (out_size < 1024) out_size = 1024;
   *out = tor_malloc(out_size);
   stream->next_out = (unsigned char*)*out;
-  stream->avail_out = out_size;
+  stream->avail_out = (unsigned int)out_size;
 
   while (1) {
     switch (deflate(stream, Z_FINISH))
@@ -190,6 +191,7 @@ tor_gzip_uncompress(char **out, size_t *out_len,
   tor_assert(out);
   tor_assert(out_len);
   tor_assert(in);
+  tor_assert(in_len < UINT_MAX);
 
   if (method == GZIP_METHOD && !is_gzip_supported()) {
     /* Old zlib version don't support gzip in inflateInit2 */
@@ -204,7 +206,7 @@ tor_gzip_uncompress(char **out, size_t *out_len,
   stream->zfree = Z_NULL;
   stream->opaque = NULL;
   stream->next_in = (unsigned char*) in;
-  stream->avail_in = in_len;
+  stream->avail_in = (unsigned int)in_len;
 
   if (inflateInit2(stream,
                    method_bits(method)) != Z_OK) {
@@ -215,10 +217,12 @@ tor_gzip_uncompress(char **out, size_t *out_len,
 
   out_size = in_len * 2;  /* guess 50% compression. */
   if (out_size < 1024) out_size = 1024;
+  if (out_size > UINT_MAX)
+    goto err;
 
   *out = tor_malloc(out_size);
   stream->next_out = (unsigned char*)*out;
-  stream->avail_out = out_size;
+  stream->avail_out = (unsigned int)out_size;
 
   while (1) {
     switch (inflate(stream, complete_only ? Z_FINISH : Z_SYNC_FLUSH))
@@ -372,10 +376,12 @@ tor_zlib_process(tor_zlib_state_t *state,
                  int finish)
 {
   int err;
+  tor_assert(*in_len <= UINT_MAX);
+  tor_assert(*out_len <= UINT_MAX);
   state->stream.next_in = (unsigned char*) *in;
-  state->stream.avail_in = *in_len;
+  state->stream.avail_in = (unsigned int)*in_len;
   state->stream.next_out = (unsigned char*) *out;
-  state->stream.avail_out = *out_len;
+  state->stream.avail_out = (unsigned int)*out_len;
 
   if (state->compress) {
     err = deflate(&state->stream, finish ? Z_FINISH : Z_SYNC_FLUSH);

src/common/tortls.c

@@ -111,7 +111,7 @@ static INLINE unsigned int
 tor_tls_entry_hash(const tor_tls_t *a)
 {
 #if SIZEOF_INT == SIZEOF_VOID_P
-  return ((unsigned int)a->ssl);
+  return ((unsigned int)(uintptr_t)a->ssl);
 #else
   return (unsigned int) ((((uint64_t)a->ssl)>>2) & UINT_MAX);
 #endif
@@ -162,7 +162,7 @@ static int tls_library_is_initialized = 0;
 static void
 tls_log_errors(tor_tls_t *tls, int severity, const char *doing)
 {
-  int err;
+  unsigned long err;
   const char *msg, *lib, *func, *addr;
   addr = tls ? tls->address : NULL;
   while ((err = ERR_get_error()) != 0) {
@@ -841,7 +841,8 @@ tor_tls_read(tor_tls_t *tls, char *cp, size_t len)
   tor_assert(tls);
   tor_assert(tls->ssl);
   tor_assert(tls->state == TOR_TLS_ST_OPEN);
-  r = SSL_read(tls->ssl, cp, len);
+  tor_assert(len<INT_MAX);
+  r = SSL_read(tls->ssl, cp, (int)len);
   if (r > 0) {
 #ifdef V2_HANDSHAKE_SERVER
     if (tls->got_renegotiate) {
@@ -878,6 +879,7 @@ tor_tls_write(tor_tls_t *tls, const char *cp, size_t n)
   tor_assert(tls);
   tor_assert(tls->ssl);
   tor_assert(tls->state == TOR_TLS_ST_OPEN);
+  tor_assert(n < INT_MAX);
   if (n == 0)
     return 0;
   if (tls->wantwrite_n) {
@@ -888,7 +890,7 @@ tor_tls_write(tor_tls_t *tls, const char *cp, size_t n)
     n = tls->wantwrite_n;
     tls->wantwrite_n = 0;
   }
-  r = SSL_write(tls->ssl, cp, n);
+  r = SSL_write(tls->ssl, cp, (int)n);
   err = tor_tls_get_error(tls, r, 0, "writing", LOG_INFO);
   if (err == TOR_TLS_DONE) {
     return r;

src/common/util.c

@@ -1327,7 +1327,7 @@ int
 write_all(int fd, const char *buf, size_t count, int isSocket)
 {
   size_t written = 0;
-  int result;
+  ssize_t result;
   tor_assert(count < INT_MAX); /*XXXX021 make returnval an ssize_t */
 
   while (written != count) {
@@ -1350,10 +1350,11 @@ write_all(int fd, const char *buf, size_t count, int isSocket)
 int
 read_all(int fd, char *buf, size_t count, int isSocket)
 {
+  /*XXXX021 return ssize_t. */
   size_t numread = 0;
-  int result;
+  ssize_t result;
 
-  if (count > SIZE_T_CEILING)
+  if (count > SIZE_T_CEILING || count > INT_MAX)
     return -1;
 
   while (numread != count) {
@@ -1367,7 +1368,7 @@ read_all(int fd, char *buf, size_t count, int isSocket)
       break;
     numread += result;
   }
-  return numread;
+  return (int)numread;
 }
 
 /*
@@ -2373,7 +2374,7 @@ parse_port_range(const char *port, uint16_t *port_min_out,
     port_max = 65535;
   } else {
     char *endptr = NULL;
-    port_min = tor_parse_long(port, 10, 0, 65535, &ok, &endptr);
+    port_min = (int)tor_parse_long(port, 10, 0, 65535, &ok, &endptr);
     if (!ok) {
       log_warn(LD_GENERAL,
                "Malformed port %s on address range; rejecting.",
@@ -2382,7 +2383,7 @@ parse_port_range(const char *port, uint16_t *port_min_out,
     } else if (endptr && *endptr == '-') {
       port = endptr+1;
       endptr = NULL;
-      port_max = tor_parse_long(port, 10, 1, 65536, &ok, &endptr);
+      port_max = (int)tor_parse_long(port, 10, 1, 65536, &ok, &endptr);
       if (!ok) {
         log_warn(LD_GENERAL,
                  "Malformed port %s on address range; rejecting.",
@@ -2933,20 +2934,20 @@ get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
 
   memset(addr, 0, sizeof(tor_addr_t));
   memset(&target_addr, 0, sizeof(target_addr));
-  my_addr_len = sizeof(my_addr);
+  my_addr_len = (socklen_t)sizeof(my_addr);
   ((struct sockaddr_in*)&target_addr)->sin_port = 9;  /* DISGARD port */
   /* Don't worry: no packets are sent. We just need to use a real address
    * on the actual internet. */
   if (family == AF_INET6) {
     struct sockaddr_in6 *sin6 = (struct sockaddr_in6*)&target_addr;
     sock = tor_open_socket(PF_INET6,SOCK_DGRAM,IPPROTO_UDP);
-    my_addr_len = sizeof(struct sockaddr_in6);
+    my_addr_len = (socklen_t)sizeof(struct sockaddr_in6);
     sin6->sin6_family = AF_INET6;
     S6_ADDR16(sin6->sin6_addr)[0] = htons(0x2002); /* 2002:: */
   } else if (family == AF_INET) {
     struct sockaddr_in *sin = (struct sockaddr_in*)&target_addr;
     sock = tor_open_socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP);
-    my_addr_len = sizeof(struct sockaddr_in);
+    my_addr_len = (socklen_t)sizeof(struct sockaddr_in);
     sin->sin_family = AF_INET;
     sin->sin_addr.s_addr = htonl(0x12000001); /* 18.0.0.1 */
   } else {
@@ -2959,7 +2960,8 @@ get_interface_address6(int severity, sa_family_t family, tor_addr_t *addr)
     goto err;
   }
 
-  if (connect(sock,(struct sockaddr *)&target_addr,sizeof(target_addr))<0) {
+  if (connect(sock,(struct sockaddr *)&target_addr,
+              (socklen_t)sizeof(target_addr))<0) {
     int e = tor_socket_errno(sock);
     log_fn(severity, LD_NET, "connect() failed: %s", tor_socket_strerror(e));
     goto err;

src/or/test.c

@@ -770,10 +770,10 @@ test_util(void)
 
   /* Test tor_strstrip() */
   strlcpy(buf, "Testing 1 2 3", sizeof(buf));
-  test_eq(0, tor_strstrip(buf, ",!"));
+  tor_strstrip(buf, ",!");
   test_streq(buf, "Testing 1 2 3");
   strlcpy(buf, "!Testing 1 2 3?", sizeof(buf));
-  test_eq(5, tor_strstrip(buf, "!? "));
+  tor_strstrip(buf, "!? ");
   test_streq(buf, "Testing123");
 
   /* Test parse_addr_port */