diff options
author | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-31 19:09:21 +0000 |
---|---|---|
committer | Miod Vallat <miod@cvs.openbsd.org> | 2014-05-31 19:09:21 +0000 |
commit | d7cc44f9e2686e5222223b1c5eba56177d1edca8 (patch) | |
tree | db18750691955c460f916c3c7824378427d5f52a /lib/libssl | |
parent | c74f233ac572a85c03072edbbf34757430abd2f0 (diff) |
BUF_MEM_grow_clean() takes a size_t as the size argument. Remove false comments
mentioning it's an int, bogus (int) casts and bounds checks against INT_MAX
(BUF_MEM_grow_clean has its own integer bounds checks).
ok deraadt@
Diffstat (limited to 'lib/libssl')
-rw-r--r-- | lib/libssl/src/ssl/d1_both.c | 2 | ||||
-rw-r--r-- | lib/libssl/src/ssl/s3_both.c | 10 |
2 files changed, 3 insertions, 9 deletions
diff --git a/lib/libssl/src/ssl/d1_both.c b/lib/libssl/src/ssl/d1_both.c index d62362e69a1..8e2843625b8 100644 --- a/lib/libssl/src/ssl/d1_both.c +++ b/lib/libssl/src/ssl/d1_both.c @@ -946,7 +946,7 @@ dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) unsigned char *p; n = i2d_X509(x, NULL); - if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) { + if (!BUF_MEM_grow_clean(buf, n + (*l) + 3)) { SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF, ERR_R_BUF_LIB); return 0; } diff --git a/lib/libssl/src/ssl/s3_both.c b/lib/libssl/src/ssl/s3_both.c index 2a96c199146..b6249e3e1da 100644 --- a/lib/libssl/src/ssl/s3_both.c +++ b/lib/libssl/src/ssl/s3_both.c @@ -315,7 +315,7 @@ ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) unsigned char *p; n = i2d_X509(x, NULL); - if (!BUF_MEM_grow_clean(buf,(int)(n + (*l) + 3))) { + if (!BUF_MEM_grow_clean(buf, n + (*l) + 3)) { SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF, ERR_R_BUF_LIB); return (-1); } @@ -479,13 +479,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); goto f_err; } - if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */ - { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); - goto f_err; - } - if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l + 4)) { + if (l && !BUF_MEM_grow_clean(s->init_buf, l + 4)) { SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); goto err; } |