diff options
| author |   miod <miod@openbsd.org> | 2014-05-31 19:09:20 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-05-31 19:09:20 +0000 |
| commit | e5d2e8bebca1e220ecd7a0c0b0679e76197144bc (patch) | |
| tree | 29997a83d43bfbf41566c51b83a658088ba19f6c /lib/libssl/src | |
| parent | Add a comment documenting where libssl depends upon the current (objectionable) (diff) | |
| download | wireguard-openbsd-e5d2e8bebca1e220ecd7a0c0b0679e76197144bc.tar.xz wireguard-openbsd-e5d2e8bebca1e220ecd7a0c0b0679e76197144bc.zip | |
BUF_MEM_grow_clean() takes a size_t as the size argument. Remove false comments
mentioning it's an int, bogus (int) casts and bounds checks against INT_MAX
(BUF_MEM_grow_clean has its own integer bounds checks).
ok deraadt@
Diffstat (limited to 'lib/libssl/src')
| -rw-r--r-- | lib/libssl/src/ssl/d1_both.c | 2 | ||||
| -rw-r--r-- | lib/libssl/src/ssl/s3_both.c | 10 |
2 files changed, 3 insertions, 9 deletions
diff --git a/lib/libssl/src/ssl/d1_both.c b/lib/libssl/src/ssl/d1_both.c index d62362e69a1..8e2843625b8 100644 --- a/lib/libssl/src/ssl/d1_both.c +++ b/lib/libssl/src/ssl/d1_both.c @@ -946,7 +946,7 @@ dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) unsigned char *p; n = i2d_X509(x, NULL); - if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) { + if (!BUF_MEM_grow_clean(buf, n + (*l) + 3)) { SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF, ERR_R_BUF_LIB); return 0; } diff --git a/lib/libssl/src/ssl/s3_both.c b/lib/libssl/src/ssl/s3_both.c index 2a96c199146..b6249e3e1da 100644 --- a/lib/libssl/src/ssl/s3_both.c +++ b/lib/libssl/src/ssl/s3_both.c @@ -315,7 +315,7 @@ ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) unsigned char *p; n = i2d_X509(x, NULL); - if (!BUF_MEM_grow_clean(buf,(int)(n + (*l) + 3))) { + if (!BUF_MEM_grow_clean(buf, n + (*l) + 3)) { SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF, ERR_R_BUF_LIB); return (-1); } @@ -479,13 +479,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); goto f_err; } - if (l > (INT_MAX-4)) /* BUF_MEM_grow takes an 'int' parameter */ - { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); - goto f_err; - } - if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l + 4)) { + if (l && !BUF_MEM_grow_clean(s->init_buf, l + 4)) { SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); goto err; } |