Clear some size_t truncations

Also fix the comments for ERR_STATE because they were actually wrong.

Bug: 516
Change-Id: I3b352fc75e63075a9f02f33c6e23da0f821a323e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61425
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
David Benjamin 2023-07-03 12:24:51 -04:00 committed by Boringssl LUCI CQ
parent 9fc1c33e9c
commit 0f222e69b1
2 changed files with 13 additions and 10 deletions


@ -146,13 +146,13 @@ struct err_error_st {
// ERR_STATE contains the per-thread, error queue.
typedef struct err_state_st {
// errors contains the ERR_NUM_ERRORS most recent errors, organised as a ring
// buffer.
// errors contains up to ERR_NUM_ERRORS - 1 most recent errors, organised as a
// ring buffer.
struct err_error_st errors[ERR_NUM_ERRORS];
// top contains the index one past the most recent error. If |top| equals
// |bottom| then the queue is empty.
// top contains the index of the most recent error. If |top| equals |bottom|
// then the queue is empty.
unsigned top;
// bottom contains the index of the last error in the queue.
// bottom contains the index before the least recent error in the queue.
unsigned bottom;
// to_free, if not NULL, contains a pointer owned by this structure that was
@ -866,6 +866,10 @@ void ERR_restore_state(const ERR_SAVE_STATE *state) {
return;
}
if (state->num_errors >= ERR_NUM_ERRORS) {
abort();
}
ERR_STATE *const dst = err_get_state();
if (dst == NULL) {
return;
@ -874,6 +878,6 @@ void ERR_restore_state(const ERR_SAVE_STATE *state) {
for (size_t i = 0; i < state->num_errors; i++) {
err_copy(&dst->errors[i], &state->errors[i]);
}
dst->top = state->num_errors - 1;
dst->top = (unsigned)(state->num_errors - 1);
dst->bottom = ERR_NUM_ERRORS - 1;
}
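Review bot: The new `abort()` guard in ERR_restore_state (`if (state->num_errors >= ERR_NUM_ERRORS)`) carries no comment, although it is the only thing that keeps the copy loop in the following hunk inside `dst->errors` and makes the `(unsigned)` cast lossless. I would add above it `// A saved state holds at most ERR_NUM_ERRORS - 1 entries; a larger count means |state| is corrupt and the copy below would overrun |dst->errors|.` so a later reader does not soften it into a silent return. The cast `(unsigned)(state->num_errors - 1)` also depends on `num_errors` being non-zero, which the early return just above the guard presumably establishes; that part of the function is outside the visible lines, so it is worth confirming and mentioning in the same comment.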


@ -223,16 +223,15 @@ TEST(ECDSATest, BuiltinCurves) {
// Test ASN.1-encoded signatures.
// Create a signature.
unsigned sig_len = ECDSA_size(eckey.get());
std::vector<uint8_t> signature(sig_len);
std::vector<uint8_t> signature(ECDSA_size(eckey.get()));
unsigned sig_len;
ASSERT_TRUE(
ECDSA_sign(0, digest, 20, signature.data(), &sig_len, eckey.get()));
signature.resize(sig_len);
// ECDSA signing should be non-deterministic. This does not verify k is
// generated securely but at least checks it was randomized at all.
sig_len = ECDSA_size(eckey.get());
std::vector<uint8_t> signature2(sig_len);
std::vector<uint8_t> signature2(ECDSA_size(eckey.get()));
ASSERT_TRUE(
ECDSA_sign(0, digest, 20, signature2.data(), &sig_len, eckey.get()));
signature2.resize(sig_len);