diff options
author | Pauli <pauli@openssl.org> | 2021-05-31 16:31:04 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-06-01 18:13:36 +1000 |
commit | dfefa4c16424cb3628b2a75b53c11e0be5247baa (patch) | |
tree | a9be8c3f65dbdfcb6181caf4e3719b83b7cefb56 /ssl/statem | |
parent | 528685fe7767b376fe299a602217f3a3a7e1d21d (diff) |
ssl: ass size_t to RAND_bytes_ex()
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15540)
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_clnt.c | 6 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 3 |
2 files changed, 5 insertions, 4 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index c10a1e46b2..82bb013865 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2853,7 +2853,7 @@ static int tls_construct_cke_rsa(SSL *s, WPACKET *pkt) pms[0] = s->client_version >> 8; pms[1] = s->client_version & 0xff; /* TODO(size_t): Convert this function */ - if (RAND_bytes_ex(s->ctx->libctx, pms + 2, (int)(pmslen - 2), 0) <= 0) { + if (RAND_bytes_ex(s->ctx->libctx, pms + 2, pmslen - 2, 0) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE); goto err; } @@ -3060,7 +3060,7 @@ static int tls_construct_cke_gost(SSL *s, WPACKET *pkt) /* Generate session key * TODO(size_t): Convert this function */ - || RAND_bytes_ex(s->ctx->libctx, pms, (int)pmslen, 0) <= 0) { + || RAND_bytes_ex(s->ctx->libctx, pms, pmslen, 0) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; }; @@ -3185,7 +3185,7 @@ static int tls_construct_cke_gost18(SSL *s, WPACKET *pkt) goto err; } - if (RAND_bytes_ex(s->ctx->libctx, pms, (int)pmslen, 0) <= 0) { + if (RAND_bytes_ex(s->ctx->libctx, pms, pmslen, 0) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index bf4a486a8d..15bcdae387 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3778,7 +3778,8 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add, } iv_len = EVP_CIPHER_iv_length(cipher); - if (RAND_bytes_ex(s->ctx->libctx, iv, iv_len, 0) <= 0 + if (iv_len < 0 + || RAND_bytes_ex(s->ctx->libctx, iv, iv_len, 0) <= 0 || !EVP_EncryptInit_ex(ctx, cipher, NULL, tctx->ext.secure->tick_aes_key, iv) || !ssl_hmac_init(hctx, tctx->ext.secure->tick_hmac_key, |