GnuTLS integer-overflow and style fixes
commit 05b8b866993b957f5fd575846cf8ea3035e60f7e
author Paul Eggert <eggert@cs.ucla.edu>
Fri, 14 Jul 2017 23:18:37 +0000 (14 16:18 -0700)
committer Paul Eggert <eggert@cs.ucla.edu>
Fri, 14 Jul 2017 23:36:18 +0000 (14 16:36 -0700)
tree 7d25217ee1f4c409cb217c52a6bd152dda675b8a
parent 8b64a80a56c0e15d3313a45022ae60b33dbb4bff
GnuTLS integer-overflow and style fixes

This tweaks the recently-added GnuTLS improvements so that
they avoid some integer-overflow problems and follow typical
Emacs style a bit better.

* configure.ac (HAVE_GNUTLS3_HMAC, HAVE_GNUTLS3_AEAD)
(HAVE_GNUTLS3_CIPHER): Use AC_CACHE_CHECK so that the
configure-time results are displayed.
* src/fns.c (extract_data_from_object): Return char *, not char
const *, since one gnutls caller wants a non-const pointer.  Use
CONSP rather than !NILP when testing for conses.  Use CAR_SAFE
instead of rolling our own code.  Prefer signed types to unsigned
when either will do.  Report problems for lengths out of range,
instead of silently mishandling them.
* src/gnutls.c (emacs_gnutls_strerror): New function, to simplify
callers.  All callers of gnutls_strerror changed.
(Fgnutls_boot): Check for integers out of range rather than
silently truncating them.
(gnutls_symmetric_aead): Check for integer overflow in size
calculations.
(gnutls_symmetric_aead, Fgnutls_macs, Fgnutls_digests):
Prefer signed to unsigned integers where either will do.
(gnutls_symmetric_aead, gnutls_symmetric):
Work even if ptrdiff_t is wider than ‘long’.
(gnutls_symmetric, Fgnutls_hash_mac, Fgnutls_hash_digest):
Check for integer overflow in algorithm selection.
configure.ac
src/fns.c
src/gnutls.c
src/lisp.h
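
Added illustration, not code from this commit or from Emacs: the two kinds of check the commit message names, an overflow test on a size calculation (as for gnutls_symmetric_aead) and a range test before narrowing an integer (as for Fgnutls_boot). The helper names are hypothetical, and the size is assumed to be plaintext length plus tag length.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper (not Emacs code): size of an AEAD output buffer,
   modeled here as plaintext length plus tag length.  Lengths are signed;
   negative or overflowing inputs are reported rather than wrapped.  */
static bool
aead_storage_length (ptrdiff_t plain_len, ptrdiff_t tag_len, ptrdiff_t *out)
{
  if (plain_len < 0 || tag_len < 0)
    return false;
  if (plain_len > PTRDIFF_MAX - tag_len)   /* the sum would overflow */
    return false;
  *out = plain_len + tag_len;
  return true;
}

/* Hypothetical helper: narrow a wide integer to unsigned int, rejecting
   out-of-range values instead of silently truncating them.  */
static bool
checked_to_uint (intmax_t value, unsigned int *out)
{
  if (value < 0 || (uintmax_t) value > UINT_MAX)
    return false;
  *out = (unsigned int) value;
  return true;
}

/* The unchecked narrowing, for contrast: only the low-order bits survive.  */
static unsigned int
truncating_to_uint (intmax_t value)
{
  return (unsigned int) value;
}

int
main (void)
{
  ptrdiff_t n = 0;
  unsigned int u = 0;
  intmax_t big = (intmax_t) UINT_MAX + 6;   /* constructed out-of-range input */
  bool ok = aead_storage_length (100, 16, &n);
  printf ("size ok=%d n=%td\n", ok, n);
  printf ("overflow ok=%d\n", aead_storage_length (PTRDIFF_MAX, 16, &n));
  printf ("checked ok=%d\n", checked_to_uint (big, &u));
  printf ("truncated=%u\n", truncating_to_uint (big));
  return 0;
}
```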