diff options
author | Jay Berkenbilt <ejb@ql.org> | 2019-06-21 05:35:23 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2019-06-21 19:17:21 +0200 |
commit | d71f05ca07eb5c7cfa4d6d23e5c1f2a800f52e8e (patch) | |
tree | 60f4a13cbadee1a02a49f35f325460f2ad507c95 /libqpdf/rijndael.cc | |
parent | f40ffc9d6392edf9b6fe74d288d6d578e6d1a240 (diff) | |
download | qpdf-d71f05ca07eb5c7cfa4d6d23e5c1f2a800f52e8e.tar.zst |
Fix sign and conversion warnings (major)
This makes all integer type conversions that have potential data loss
explicit with calls that do range checks and raise an exception. After
this commit, qpdf builds with no warnings when -Wsign-conversion
-Wconversion is used with gcc or clang or when -W3 -Wd4800 is used
with MSVC. This significantly reduces the likelihood of potential
crashes from bogus integer values.
There are some parts of the code that take int when they should take
size_t or an offset. Such places would make qpdf not support files
with more than 2^31 of something that usually wouldn't be so large. In
the event that such a file shows up and is valid, at least qpdf would
raise an error in the right spot so the issue could be legitimately
addressed rather than failing in some weird way because of a silent
overflow condition.
Diffstat (limited to 'libqpdf/rijndael.cc')
-rw-r--r-- | libqpdf/rijndael.cc | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/libqpdf/rijndael.cc b/libqpdf/rijndael.cc index 7f711df7..c60c2288 100644 --- a/libqpdf/rijndael.cc +++ b/libqpdf/rijndael.cc @@ -710,7 +710,7 @@ static const u32 rcon[] = * * @return the number of rounds for the given cipher key size. */ -int rijndaelSetupEncrypt(u32 *rk, const u8 *key, int keybits) +unsigned int rijndaelSetupEncrypt(u32 *rk, const u8 *key, size_t keybits) { int i = 0; u32 temp; @@ -799,9 +799,9 @@ int rijndaelSetupEncrypt(u32 *rk, const u8 *key, int keybits) * * @return the number of rounds for the given cipher key size. */ -int rijndaelSetupDecrypt(u32 *rk, const u8 *key, int keybits) +unsigned int rijndaelSetupDecrypt(u32 *rk, const u8 *key, size_t keybits) { - int nrounds, i, j; + unsigned int nrounds, i, j; u32 temp; /* expand the cipher key: */ @@ -842,7 +842,8 @@ int rijndaelSetupDecrypt(u32 *rk, const u8 *key, int keybits) return nrounds; } -void rijndaelEncrypt(const u32 *rk, int nrounds, const u8 plaintext[16], +void rijndaelEncrypt(const u32 *rk, unsigned int nrounds, + const u8 plaintext[16], u8 ciphertext[16]) { u32 s0, s1, s2, s3, t0, t1, t2, t3; @@ -1024,7 +1025,8 @@ void rijndaelEncrypt(const u32 *rk, int nrounds, const u8 plaintext[16], PUTU32(ciphertext + 12, s3); } -void rijndaelDecrypt(const u32 *rk, int nrounds, const u8 ciphertext[16], +void rijndaelDecrypt(const u32 *rk, unsigned int nrounds, + const u8 ciphertext[16], u8 plaintext[16]) { u32 s0, s1, s2, s3, t0, t1, t2, t3; |