Add more bounded attributes to the buffer and md5/sha headers in libssl

ok miod@

3 files changed, 35 insertions, 19 deletions

diff --git a/lib/libssl/src/crypto/buffer/buffer.h b/lib/libssl/src/crypto/buffer/buffer.h
index 888dabf373b..bdffc346b9f 100644
--- a/lib/libssl/src/crypto/buffer/buffer.h
+++ b/lib/libssl/src/crypto/buffer/buffer.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: buffer.h,v 1.9 2014/06/12 15:49:28 deraadt Exp $ */
+/* $OpenBSD: buffer.h,v 1.10 2014/06/14 10:28:31 avsm Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -90,8 +90,10 @@ void *	BUF_memdup(const void *data, size_t siz);
 void	BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
 
 /* safe string functions */
-size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
-size_t BUF_strlcat(char *dst, const char *src, size_t siz);
+size_t BUF_strlcpy(char *dst, const char *src, size_t siz)
+	__attribute__ ((__bounded__(__string__,1,3)));
+size_t BUF_strlcat(char *dst, const char *src, size_t siz)
+	__attribute__ ((__bounded__(__string__,1,3)));
 
 
 /* BEGIN ERROR CODES */
diff --git a/lib/libssl/src/crypto/md5/md5.h b/lib/libssl/src/crypto/md5/md5.h
index 7cc703ac117..66e52ce2273 100644
--- a/lib/libssl/src/crypto/md5/md5.h
+++ b/lib/libssl/src/crypto/md5/md5.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: md5.h,v 1.14 2014/06/12 15:49:29 deraadt Exp $ */
+/* $OpenBSD: md5.h,v 1.15 2014/06/14 10:28:31 avsm Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -100,9 +100,11 @@ typedef struct MD5state_st
 	} MD5_CTX;
 
 int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len);
+int MD5_Update(MD5_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
+unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 void MD5_Transform(MD5_CTX *c, const unsigned char *b);
 #ifdef  __cplusplus
 }
diff --git a/lib/libssl/src/crypto/sha/sha.h b/lib/libssl/src/crypto/sha/sha.h
index 4cb434ba99d..a03694cd288 100644
--- a/lib/libssl/src/crypto/sha/sha.h
+++ b/lib/libssl/src/crypto/sha/sha.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sha.h,v 1.14 2014/06/12 15:49:30 deraadt Exp $ */
+/* $OpenBSD: sha.h,v 1.15 2014/06/14 10:28:31 avsm Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -104,16 +104,20 @@ typedef struct SHAstate_st
 
 #ifndef OPENSSL_NO_SHA0
 int SHA_Init(SHA_CTX *c);
-int SHA_Update(SHA_CTX *c, const void *data, size_t len);
+int SHA_Update(SHA_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int SHA_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
+unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 void SHA_Transform(SHA_CTX *c, const unsigned char *data);
 #endif
 #ifndef OPENSSL_NO_SHA1
 int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+int SHA1_Update(SHA_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
+unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
 #endif
 
@@ -133,13 +137,17 @@ typedef struct SHA256state_st
 
 #ifndef OPENSSL_NO_SHA256
 int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md);
+unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA256_Update(SHA256_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md);
+unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
 #endif
 
@@ -177,13 +185,17 @@ typedef struct SHA512state_st
 
 #ifndef OPENSSL_NO_SHA512
 int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md);
+unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA512_Update(SHA512_CTX *c, const void *data, size_t len)
+	__attribute__ ((__bounded__(__buffer__,2,3)));
 int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md);
+unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md)
+	__attribute__ ((__bounded__(__buffer__,1,2)));
 void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
 #endif