Bug 1230759: Part 8 - fix compiler warnings in libsrtp
MozReview-Commit-ID: AGQqp4MUapq
--- a/netwerk/srtp/src/crypto/cipher/aes_icm.c
+++ b/netwerk/srtp/src/crypto/cipher/aes_icm.c
@@ -342,17 +342,17 @@ static srtp_err_status_t srtp_aes_icm_en
#if ALIGN_32
b = (uint32_t *)buf;
*b++ ^= c->keystream_buffer.v32[0];
*b++ ^= c->keystream_buffer.v32[1];
*b++ ^= c->keystream_buffer.v32[2];
*b++ ^= c->keystream_buffer.v32[3];
buf = (uint8_t *)b;
#else
- if ((((unsigned long)buf) & 0x03) != 0) {
+ if ((((uintptr_t)buf) & 0x03) != 0) {
*buf++ ^= c->keystream_buffer.v8[0];
*buf++ ^= c->keystream_buffer.v8[1];
*buf++ ^= c->keystream_buffer.v8[2];
*buf++ ^= c->keystream_buffer.v8[3];
*buf++ ^= c->keystream_buffer.v8[4];
*buf++ ^= c->keystream_buffer.v8[5];
*buf++ ^= c->keystream_buffer.v8[6];
*buf++ ^= c->keystream_buffer.v8[7];
--- a/netwerk/srtp/src/crypto/cipher/cipher.c
+++ b/netwerk/srtp/src/crypto/cipher/cipher.c
@@ -213,16 +213,17 @@ srtp_err_status_t srtp_cipher_type_test(
const srtp_cipher_test_case_t *test_case = test_data;
srtp_cipher_t *c;
srtp_err_status_t status;
uint8_t buffer[SELF_TEST_BUF_OCTETS];
uint8_t buffer2[SELF_TEST_BUF_OCTETS];
uint32_t tag_len;
unsigned int len;
int i, j, case_num = 0;
+ unsigned k = 0;
debug_print(srtp_mod_cipher, "running self-test for cipher %s",
ct->description);
/*
* check to make sure that we have at least one test case, and
* return an error if we don't - we need to be paranoid here
*/
@@ -254,18 +255,18 @@ srtp_err_status_t srtp_cipher_type_test(
return status;
}
/* copy plaintext into test buffer */
if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
srtp_cipher_dealloc(c);
return srtp_err_status_bad_param;
}
- for (i = 0; i < test_case->plaintext_length_octets; i++) {
- buffer[i] = test_case->plaintext[i];
+ for (k = 0; k < test_case->plaintext_length_octets; k++) {
+ buffer[k] = test_case->plaintext[k];
}
debug_print(srtp_mod_cipher, "plaintext: %s",
srtp_octet_string_hex_string(
buffer, test_case->plaintext_length_octets));
/* set the initialization vector */
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
@@ -320,21 +321,21 @@ srtp_err_status_t srtp_cipher_type_test(
buffer, test_case->ciphertext_length_octets));
/* compare the resulting ciphertext with that in the test case */
if (len != test_case->ciphertext_length_octets) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
status = srtp_err_status_ok;
- for (i = 0; i < test_case->ciphertext_length_octets; i++) {
- if (buffer[i] != test_case->ciphertext[i]) {
+ for (k = 0; k < test_case->ciphertext_length_octets; k++) {
+ if (buffer[k] != test_case->ciphertext[k]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_cipher, "test case %d failed", case_num);
- debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+ debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
break;
}
}
if (status) {
debug_print(srtp_mod_cipher, "c computed: %s",
srtp_octet_string_hex_string(
buffer, 2 * test_case->plaintext_length_octets));
debug_print(srtp_mod_cipher, "c expected: %s",
@@ -358,18 +359,18 @@ srtp_err_status_t srtp_cipher_type_test(
return status;
}
/* copy ciphertext into test buffer */
if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
srtp_cipher_dealloc(c);
return srtp_err_status_bad_param;
}
- for (i = 0; i < test_case->ciphertext_length_octets; i++) {
- buffer[i] = test_case->ciphertext[i];
+ for (k = 0; k < test_case->ciphertext_length_octets; k++) {
+ buffer[k] = test_case->ciphertext[k];
}
debug_print(srtp_mod_cipher, "ciphertext: %s",
srtp_octet_string_hex_string(
buffer, test_case->plaintext_length_octets));
/* set the initialization vector */
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
@@ -408,21 +409,21 @@ srtp_err_status_t srtp_cipher_type_test(
buffer, test_case->plaintext_length_octets));
/* compare the resulting plaintext with that in the test case */
if (len != test_case->plaintext_length_octets) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
status = srtp_err_status_ok;
- for (i = 0; i < test_case->plaintext_length_octets; i++) {
- if (buffer[i] != test_case->plaintext[i]) {
+ for (k = 0; k < test_case->plaintext_length_octets; k++) {
+ if (buffer[k] != test_case->plaintext[k]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_cipher, "test case %d failed", case_num);
- debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+ debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
}
}
if (status) {
debug_print(srtp_mod_cipher, "p computed: %s",
srtp_octet_string_hex_string(
buffer, 2 * test_case->plaintext_length_octets));
debug_print(srtp_mod_cipher, "p expected: %s",
srtp_octet_string_hex_string(
@@ -453,18 +454,18 @@ srtp_err_status_t srtp_cipher_type_test(
test_case = test_data;
status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets,
test_case->tag_length_octets);
if (status) {
return status;
}
for (j = 0; j < NUM_RAND_TESTS; j++) {
- unsigned length;
- int plaintext_len;
+ unsigned int length;
+ unsigned int plaintext_len;
uint8_t key[MAX_KEY_LEN];
uint8_t iv[MAX_KEY_LEN];
/* choose a length at random (leaving room for IV and padding) */
length = rand() % (SELF_TEST_BUF_OCTETS - 64);
debug_print(srtp_mod_cipher, "random plaintext length %d\n", length);
status = srtp_cipher_rand(buffer, length);
if (status) {
@@ -591,22 +592,22 @@ srtp_err_status_t srtp_cipher_type_test(
srtp_octet_string_hex_string(buffer, length));
/* compare the resulting plaintext with the original one */
if (length != plaintext_len) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
status = srtp_err_status_ok;
- for (i = 0; i < plaintext_len; i++) {
- if (buffer[i] != buffer2[i]) {
+ for (k = 0; k < plaintext_len; k++) {
+ if (buffer[k] != buffer2[k]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_cipher, "random test case %d failed",
case_num);
- debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+ debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
}
}
if (status) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
}
--- a/netwerk/srtp/src/crypto/include/cipher.h
+++ b/netwerk/srtp/src/crypto/include/cipher.h
@@ -127,26 +127,26 @@ typedef srtp_err_status_t (*srtp_cipher_
/*
* srtp_cipher_test_case_t is a (list of) key, salt, plaintext, ciphertext,
* and aad values that are known to be correct for a
* particular cipher. this data can be used to test an implementation
* in an on-the-fly self test of the correctness of the implementation.
* (see the srtp_cipher_type_self_test() function below)
*/
typedef struct srtp_cipher_test_case_t {
- int key_length_octets; /* octets in key */
- const uint8_t *key; /* key */
- uint8_t *idx; /* packet index */
- int plaintext_length_octets; /* octets in plaintext */
- const uint8_t *plaintext; /* plaintext */
- int ciphertext_length_octets; /* octets in plaintext */
- const uint8_t *ciphertext; /* ciphertext */
- int aad_length_octets; /* octets in AAD */
- const uint8_t *aad; /* AAD */
- int tag_length_octets; /* Length of AEAD tag */
+ int key_length_octets; /* octets in key */
+ const uint8_t *key; /* key */
+ uint8_t *idx; /* packet index */
+ unsigned int plaintext_length_octets; /* octets in plaintext */
+ const uint8_t *plaintext; /* plaintext */
+ unsigned int ciphertext_length_octets; /* octets in plaintext */
+ const uint8_t *ciphertext; /* ciphertext */
+ int aad_length_octets; /* octets in AAD */
+ const uint8_t *aad; /* AAD */
+ int tag_length_octets; /* Length of AEAD tag */
const struct srtp_cipher_test_case_t
*next_test_case; /* pointer to next testcase */
} srtp_cipher_test_case_t;
/* srtp_cipher_type_t defines the 'metadata' for a particular cipher type */
typedef struct srtp_cipher_type_t {
srtp_cipher_alloc_func_t alloc;
srtp_cipher_dealloc_func_t dealloc;
--- a/netwerk/srtp/src/crypto/replay/rdb.c
+++ b/netwerk/srtp/src/crypto/replay/rdb.c
@@ -95,19 +95,20 @@ srtp_err_status_t srtp_rdb_check(const s
* index appears in db)
*
* this function should be called only after srtp_rdb_check has
* indicated that the index does not appear in the rdb, e.g., a mutex
* should protect the rdb between these calls
*/
srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t p_index)
{
- int delta;
+ unsigned int delta;
- /* here we *assume* that p_index > rdb->window_start */
+ if (p_index < rdb->window_start)
+ return srtp_err_status_replay_fail;
delta = (p_index - rdb->window_start);
if (delta < rdb_bits_in_bitmask) {
/* if the p_index is within the window, set the appropriate bit */
v128_set_bit(&rdb->bitmask, delta);
} else {
delta -= rdb_bits_in_bitmask - 1;
--- a/netwerk/srtp/src/srtp/srtp.c
+++ b/netwerk/srtp/src/srtp/srtp.c
@@ -818,17 +818,17 @@ static inline int base_key_length(const
default:
return key_length;
break;
}
}
unsigned int srtp_validate_policy_master_keys(const srtp_policy_t *policy)
{
- int i = 0;
+ unsigned long i = 0;
if (policy->key == NULL) {
if (policy->num_master_keys <= 0)
return 0;
if (policy->num_master_keys > SRTP_MAX_NUM_MASTER_KEYS)
return 0;
@@ -876,17 +876,17 @@ unsigned int srtp_inject_mki(uint8_t *mk
}
srtp_err_status_t srtp_stream_init_all_master_keys(
srtp_stream_ctx_t *srtp,
unsigned char *key,
srtp_master_key_t **keys,
const unsigned int max_master_keys)
{
- int i = 0;
+ unsigned int i = 0;
srtp_err_status_t status = srtp_err_status_ok;
srtp_master_key_t single_master_key;
if (key != NULL) {
srtp->num_master_keys = 1;
single_master_key.key = key;
single_master_key.mki_id = NULL;
single_master_key.mki_size = 0;
@@ -4153,22 +4153,26 @@ srtp_err_status_t srtp_unprotect_rtcp_mk
uint32_t seq_num;
int e_bit_in_packet; /* whether the E-bit was found in the packet */
int sec_serv_confidentiality; /* whether confidentiality was requested */
unsigned int mki_size = 0;
srtp_session_keys_t *session_keys = NULL;
/* we assume the hdr is 32-bit aligned to start */
+ if (*pkt_octet_len < 0)
+ return srtp_err_status_bad_param;
+
/*
* check that the length value is sane; we'll check again once we
* know the tag length, but we at least want to know that it is
* a positive value
*/
- if (*pkt_octet_len < octets_in_rtcp_header + sizeof(srtcp_trailer_t))
+ if ((unsigned int)(*pkt_octet_len) <
+ octets_in_rtcp_header + sizeof(srtcp_trailer_t))
return srtp_err_status_bad_param;
/*
* look up ssrc in srtp_stream list, and process the packet with
* the appropriate stream. if we haven't seen this stream before,
* there's only one key for this srtp_session, and the cipher
* supports key-sharing, then we assume that a new stream using
* that key has just started up