Reduce casting nastiness.

This commit is contained in:
Ben Laurie 2014-07-05 14:59:33 +01:00
parent 6835f572a9
commit d2ab55eb5b
3 changed files with 11 additions and 2 deletions

View File

@ -643,6 +643,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
#endif
SSL3_BUFFER *wb=&(s->s3->wbuf);
int i;
unsigned int u_len = (unsigned int)len;
if (len < 0)
{
SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_NEGATIVE_LENGTH);
return -1;
}
s->rwstate=SSL_NOTHING;
OPENSSL_assert(s->s3->wnum <= INT_MAX);
@ -697,7 +704,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
* compromise is considered worthy.
*/
if (type==SSL3_RT_APPLICATION_DATA &&
len >= 4*(int)(max_send_fragment=s->max_send_fragment) &&
u_len >= 4*(max_send_fragment=s->max_send_fragment) &&
s->compress==NULL && s->msg_callback==NULL &&
!SSL_USE_ETM(s) && SSL_USE_EXPLICIT_IV(s) &&
EVP_CIPHER_flags(s->enc_write_ctx->cipher)&EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
@ -718,7 +725,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE,
max_send_fragment,NULL);
if (len>=8*(int)max_send_fragment) packlen *= 8;
if (u_len >= 8*max_send_fragment) packlen *= 8;
else packlen *= 4;
wb->buf=OPENSSL_malloc(packlen);

View File

@ -3057,6 +3057,7 @@ void ERR_load_SSL_strings(void);
#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
#define SSL_R_SSL_HANDSHAKE_FAILURE 229
#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
#define SSL_R_SSL_NEGATIVE_LENGTH 372
#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
#define SSL_R_SSL_SESSION_ID_CONFLICT 302
#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273

View File

@ -551,6 +551,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
{ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),"ssl ctx has no default ssl version"},
{ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) ,"ssl handshake failure"},
{ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),"ssl library has no ciphers"},
{ERR_REASON(SSL_R_SSL_NEGATIVE_LENGTH) ,"ssl negative length"},
{ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),"ssl session id callback failed"},
{ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT),"ssl session id conflict"},
{ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),"ssl session id context too long"},