diff --git a/src/ssl.c b/src/ssl.c index 7174a1625..533701d36 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -34453,7 +34453,7 @@ int wolfSSL_EC_POINT_oct2point(const WOLFSSL_EC_GROUP *group, (void)ctx; - return wolfSSL_ECPoint_d2i((unsigned char*)buf, len, group, p); + return wolfSSL_ECPoint_d2i((unsigned char*)buf, (unsigned int)len, group, p); } /* wolfSSL_EC_POINT_point2bn should return "in" if not null */ @@ -34484,7 +34484,7 @@ WOLFSSL_BIGNUM *wolfSSL_EC_POINT_point2bn(const WOLFSSL_EC_GROUP *group, if (wolfSSL_EC_POINT_point2oct(group, p, form, buf, len, ctx) == len) { - ret = wolfSSL_BN_bin2bn(buf, len, in); + ret = wolfSSL_BN_bin2bn(buf, (int)len, in); } XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -42535,7 +42535,6 @@ WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** out, wolfSSL_EVP_PKEY_free(pkey); return NULL; } - pkey->rsa->pkey = pkey; if (wolfSSL_RSA_LoadDer_ex(pkey->rsa, (const unsigned char*)pkey->pkey.ptr, @@ -46829,7 +46828,7 @@ int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM** bn, const char* str) return WOLFSSL_FAILURE; } - strLen = XSTRLEN(str); + strLen = (int)XSTRLEN(str); /* ignore trailing new lines */ while (str[strLen-1] == '\n' && strLen > 0) strLen--; diff --git a/tests/api.c b/tests/api.c index 546628b70..bb9676187 100644 --- a/tests/api.c +++ b/tests/api.c @@ -23171,12 +23171,7 @@ static void test_wolfSSL_ERR_put_error(void) AssertIntEQ(ERR_get_error_line_data(&file, &line, NULL, NULL), 0); PEMerr(4,4); - #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \ - defined(WOLFSSL_HAPROXY) - AssertIntEQ(ERR_get_error(), -4); - #else AssertIntEQ(ERR_get_error(), 4); - #endif /* Empty and free up all error nodes */ ERR_clear_error(); diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5d9e831d7..6473fb431 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -10334,15 +10334,15 @@ int PemToDer(const unsigned char* buff, long longSz, int type, /* look for matching footer */ footer = XSTRNSTR(beginEnd, beginBuf + STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX), - (char*)buff + sz - beginEnd); + (unsigned int)((char*)buff + sz - beginEnd)); if (!footer) { WOLFSSL_MSG("Couldn't find PEM footer"); return ASN_NO_PEM_HEADER; } footer -= STR_SIZEOF(END_PRIV_KEY_PREFIX); - endLen = beginEnd - headerEnd - + endLen = (unsigned int)(beginEnd - headerEnd - (STR_SIZEOF(BEGIN_PRIV_KEY_PREFIX) - - STR_SIZEOF(END_PRIV_KEY_PREFIX)); + STR_SIZEOF(END_PRIV_KEY_PREFIX))); XMEMCPY(endBuf, footer, endLen); endBuf[endLen] = '\0'; @@ -10394,7 +10394,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type, #endif /* WOLFSSL_ENCRYPTED_KEYS */ /* find footer */ - footerEnd = XSTRNSTR(headerEnd, footer, (char*)buff + sz - headerEnd); + footerEnd = XSTRNSTR(headerEnd, footer, (unsigned int)((char*)buff + sz - headerEnd)); if (!footerEnd) { if (info) info->consumed = longSz; /* No more certs if no footer */ diff --git a/wolfcrypt/src/coding.c b/wolfcrypt/src/coding.c index c81588957..ba535abc0 100644 --- a/wolfcrypt/src/coding.c +++ b/wolfcrypt/src/coding.c @@ -57,21 +57,21 @@ const byte base64Decode[] = { 62, BAD, BAD, BAD, 63, /* + starts at 0x2B */ 46, 47, 48, 49, 50, 51 }; -static WC_INLINE int Base64_SkipNewline(const byte* in, word32 *outLen, word32 *outJ) +static WC_INLINE int Base64_SkipNewline(const byte* in, word32 *inLen, word32 *outJ) { - word32 inLen = *outLen; + word32 len = *inLen; word32 j = *outJ; - if (inLen && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) { + if (len && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) { byte endLine = in[j++]; - inLen--; - while (inLen && endLine == ' ') { /* allow trailing whitespace */ + len--; + while (len && endLine == ' ') { /* allow trailing whitespace */ endLine = in[j++]; - inLen--; + len--; } if (endLine == '\r') { - if (inLen) { + if (len) { endLine = in[j++]; - inLen--; + len--; } } if (endLine != '\n') { @@ -79,7 +79,10 @@ static WC_INLINE int Base64_SkipNewline(const byte* in, word32 *outLen, word32 * return ASN_INPUT_E; } } - *outLen = inLen; + if (!len) { + return BUFFER_E; + } + *inLen = len; *outJ = j; return 0; } @@ -101,21 +104,32 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) byte b1, b2, b3; if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) { + if (ret == BUFFER_E) { + /* Running out of buffer here is not an error */ + break; + } return ret; } byte e1 = in[j++]; + if (e1 == '\0') { + break; + } + inLen--; if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) { return ret; } byte e2 = in[j++]; + inLen--; if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) { return ret; } byte e3 = in[j++]; + inLen--; if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) { return ret; } byte e4 = in[j++]; + inLen--; if (e1 == 0) /* end file 0's */ break; @@ -155,8 +169,6 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) out[i++] = b3; else break; - - inLen -= 4; } /* If the output buffer has a room for an extra byte, add a null terminator */ if (out && *outLen > i)