-rw-r--r-- | aes_keywrap.c | 16 | ||||
-rw-r--r-- | asn1.c | 16 | ||||
-rw-r--r-- | core.c | 4 | ||||
-rw-r--r-- | ecdsa.c | 14 | ||||
-rw-r--r-- | hal.h | 2 | ||||
-rw-r--r-- | hash.c | 12 | ||||
-rw-r--r-- | ks.c | 58 | ||||
-rw-r--r-- | ks.h | 1 | ||||
-rw-r--r-- | ks_attribute.c | 4 | ||||
-rw-r--r-- | ks_index.c | 4 | ||||
-rw-r--r-- | ks_token.c | 35 | ||||
-rw-r--r-- | ks_volatile.c | 2 | ||||
-rw-r--r-- | pbkdf2.c | 10 | ||||
-rw-r--r-- | rpc_api.c | 2 | ||||
-rw-r--r-- | rpc_hash.c | 6 | ||||
-rw-r--r-- | rpc_misc.c | 10 | ||||
-rw-r--r-- | rpc_pkey.c | 8 | ||||
-rw-r--r-- | rpc_server.c | 22 | ||||
-rw-r--r-- | rsa.c | 8 | ||||
-rw-r--r-- | slip.c | 2 | ||||
-rw-r--r-- | tests/test-aes-key-wrap.c | 2 | ||||
-rw-r--r-- | tests/test-ecdsa.c | 2 | ||||
-rw-r--r-- | tests/test-hash.c | 2 | ||||
-rw-r--r-- | tests/test-pbkdf2.c | 2 | ||||
-rw-r--r-- | tests/test-rsa.c | 4 | ||||
-rw-r--r-- | utils/cores.c | 2 | ||||
-rw-r--r-- | xdr.c | 9 |
27 files changed, 123 insertions, 136 deletions
diff --git a/aes_keywrap.c b/aes_keywrap.c index d7701f0..355cb0b 100644 --- a/aes_keywrap.c +++ b/aes_keywrap.c @@ -165,8 +165,7 @@ hal_error_t hal_aes_keywrap(hal_core_t *core, { const size_t calculated_C_len = hal_aes_keywrap_ciphertext_length(m); hal_error_t err; - uint32_t n; - long i, j; + size_t n; assert(calculated_C_len % 8 == 0); @@ -202,8 +201,8 @@ hal_error_t hal_aes_keywrap(hal_core_t *core, } else { - for (j = 0; j <= 5; j++) { - for (i = 1; i <= n; i++) { + for (size_t j = 0; j <= 5; j++) { + for (size_t i = 1; i <= n; i++) { uint32_t t = n * j + i; if ((err = do_block(core, C, C + i * 8)) != HAL_OK) goto out; @@ -235,8 +234,7 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core, size_t *Q_len) { hal_error_t err; - uint32_t n; - long i, j; + size_t n; size_t m; if (C == NULL || Q == NULL || C_len % 8 != 0 || C_len < 16 || Q_len == NULL || *Q_len < C_len) @@ -259,8 +257,8 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core, } else { - for (j = 5; j >= 0; j--) { - for (i = n; i >= 1; i--) { + for (long j = 5; j >= 0; j--) { + for (size_t i = n; i >= 1; i--) { uint32_t t = n * j + i; Q[7] ^= t & 0xFF; t >>= 8; Q[6] ^= t & 0xFF; t >>= 8; @@ -285,7 +283,7 @@ hal_error_t hal_aes_keyunwrap(hal_core_t * core, } if (m % 8 != 0) - for (i = m + 8; i < 8 * (n + 1); i++) + for (size_t i = m + 8; i < 8 * (n + 1); i++) if (Q[i] != 0x00) { err = HAL_ERROR_KEYWRAP_BAD_PADDING; goto out; @@ -517,7 +517,7 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len, if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (alg_oid != NULL) *alg_oid = d; 
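Review bot: In hal_aes_keyunwrap the outer counter is left signed (`for (long j = 5; j >= 0; j--)`) while the surrounding counters became `size_t`, and nothing on the line says why. With an unsigned type `j >= 0` is always true, so a later cleanup that completes the conversion would make the loop non-terminating; a comment such as `/* j must stay signed: the loop ends when j drops below zero */` would guard against that. In both functions `uint32_t t = n * j + i;` now narrows implicitly from `size_t`, and writing the cast explicitly, `uint32_t t = (uint32_t)(n * j + i);`, would keep that narrowing visible. Both function bodies extend outside the hunks.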
@@ -537,7 +537,7 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len, if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (curve_oid != NULL) *curve_oid = d; @@ -564,7 +564,7 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len, if ((err = hal_asn1_decode_header(ASN1_BIT_STRING, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen >= algid_end - d || vlen == 0 || *d != 0x00) + if (vlen >= (size_t)(algid_end - d) || vlen == 0 || *d != 0x00) return HAL_ERROR_ASN1_PARSE_FAILED; ++d; --vlen; if (pubkey != NULL) @@ -620,7 +620,7 @@ hal_error_t hal_asn1_decode_pkcs8_privatekeyinfo(const uint8_t **alg_oid, size if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (alg_oid != NULL) *alg_oid = d; @@ -640,7 +640,7 @@ hal_error_t hal_asn1_decode_pkcs8_privatekeyinfo(const uint8_t **alg_oid, size if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (curve_oid != NULL) *curve_oid = d; @@ -667,7 +667,7 @@ hal_error_t hal_asn1_decode_pkcs8_privatekeyinfo(const uint8_t **alg_oid, size if ((err = hal_asn1_decode_header(ASN1_OCTET_STRING, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen >= algid_end - d) + if (vlen >= (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (privkey != NULL) *privkey = d; 
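Review bot: The cast added to the BIT STRING check in hal_asn1_decode_spki, `vlen >= (size_t)(algid_end - d)`, silences the sign-compare warning but keeps a bound that looks wrong. The header on the preceding line is decoded against `der_end - d`, so `d` is presumably already past `algid_end`; the difference is then negative, the cast turns it into a very large value, and no `vlen` can fail the test. If the intent is to keep the value inside the DER buffer, the comparison should use the outer limit, e.g. `if (vlen > (size_t)(der_end - d) || vlen == 0 || *d != 0x00)`. The same pattern is in the OCTET STRING checks of hal_asn1_decode_pkcs8_privatekeyinfo and hal_asn1_decode_pkcs8_encryptedprivatekeyinfo (the last hunk here and the last asn1.c hunk that follows). Whether hal_asn1_decode_header already bounds `vlen` is not visible from these hunks.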
@@ -714,7 +714,7 @@ hal_error_t hal_asn1_decode_pkcs8_encryptedprivatekeyinfo(const uint8_t **alg_oi if ((err = hal_asn1_decode_header(ASN1_OBJECT_IDENTIFIER, d, algid_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen > algid_end - d) + if (vlen > (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (alg_oid != NULL) *alg_oid = d; @@ -736,7 +736,7 @@ hal_error_t hal_asn1_decode_pkcs8_encryptedprivatekeyinfo(const uint8_t **alg_oi if ((err = hal_asn1_decode_header(ASN1_OCTET_STRING, d, der_end - d, &hlen, &vlen)) != HAL_OK) return err; d += hlen; - if (vlen >= algid_end - d) + if (vlen >= (size_t)(algid_end - d)) return HAL_ERROR_ASN1_PARSE_FAILED; if (data != NULL) *data = d; @@ -135,7 +135,7 @@ static hal_core_t *probe_cores(void) if (core->info.name[0] == 0x00 || core->info.name[0] == 0xff) continue; - for (int i = 0; i < sizeof(gaps)/sizeof(*gaps); i++) { + for (size_t i = 0; i < sizeof(gaps)/sizeof(*gaps); i++) { if (name_matches(core, gaps[i].name)) { addr += gaps[i].extra; break; @@ -271,7 +271,7 @@ const hal_core_info_t *hal_core_info(const hal_core_t *core) return core == NULL ? NULL : &core->info; } -const int hal_core_busy(const hal_core_t *core) +int hal_core_busy(const hal_core_t *core) { return (int)core->busy; } @@ -199,7 +199,7 @@ const size_t hal_ecdsa_key_t_size = sizeof(struct hal_ecdsa_key); * first time anything asks for any of them. */ -static const ecdsa_curve_t * const get_curve(const hal_curve_name_t curve) +static const ecdsa_curve_t * get_curve(const hal_curve_name_t curve) { static ecdsa_curve_t curve_p256, curve_p384, curve_p521; static int initialized = 0; 
@@ -805,18 +805,18 @@ static hal_error_t verilog_point_pick_random(const verilog_ecdsa_driver_t * cons memset(b, 0, sizeof(b)); fp_to_unsigned_bin(k, b + sizeof(b) - len); - for (int i = 0; i < sizeof(b); i += 4) + for (size_t i = 0; i < sizeof(b); i += 4) check(hal_io_write(core, driver->k_addr + i/4, &b[sizeof(b) - 4 - i], 4)); check(hal_io_write(core, ADDR_CTRL, zero, sizeof(zero))); check(hal_io_next(core)); check(hal_io_wait_valid(core)); - for (int i = 0; i < sizeof(b); i += 4) + for (size_t i = 0; i < sizeof(b); i += 4) check(hal_io_read(core, driver->x_addr + i/4, &b[sizeof(b) - 4 - i], 4)); fp_read_unsigned_bin(P->x, b, sizeof(b)); - for (int i = 0; i < sizeof(b); i += 4) + for (size_t i = 0; i < sizeof(b); i += 4) check(hal_io_read(core, driver->y_addr + i/4, &b[sizeof(b) - 4 - i], 4)); fp_read_unsigned_bin(P->y, b, sizeof(b)); @@ -1421,7 +1421,7 @@ hal_error_t hal_ecdsa_private_key_from_der(hal_ecdsa_key_t **key_, if ((err = hal_asn1_decode_header(ASN1_EXPLICIT_1, d, der_end - d, &hlen, &vlen)) != HAL_OK) goto fail; d += hlen; - if (vlen > der_end - d) + if (vlen > (size_t)(der_end - d)) lose(HAL_ERROR_ASN1_PARSE_FAILED); if ((err = hal_asn1_decode_header(ASN1_BIT_STRING, d, vlen, &hlen, &vlen)) != HAL_OK) goto fail; @@ -1529,7 +1529,7 @@ hal_error_t hal_ecdsa_public_key_from_der(hal_ecdsa_key_t **key_, memcmp(alg_oid, hal_asn1_oid_ecPublicKey, alg_oid_len) != 0 || hal_ecdsa_oid_to_curve(&key->curve, curve_oid, curve_oid_len) != HAL_OK || pubkey_len < 3 || (pubkey_len & 1) == 0 || pubkey[0] != 0x04 || - pubkey_len / 2 != fp_unsigned_bin_size(unconst_fp_int(get_curve(key->curve)->q))) + pubkey_len / 2 != (size_t)(fp_unsigned_bin_size(unconst_fp_int(get_curve(key->curve)->q)))) return HAL_ERROR_ASN1_PARSE_FAILED; const uint8_t * const Qx = pubkey + 1; 
@@ -1595,7 +1595,7 @@ static hal_error_t decode_signature_pkcs11(const ecdsa_curve_t * const curve, const size_t n_len = signature_len / 2; - if (n_len > fp_unsigned_bin_size(unconst_fp_int(curve->n))) + if (n_len > (size_t)(fp_unsigned_bin_size(unconst_fp_int(curve->n)))) return HAL_ERROR_BAD_ARGUMENTS; fp_read_unsigned_bin(r, unconst_uint8_t(signature) + 0 * n_len, n_len); @@ -229,7 +229,7 @@ extern hal_error_t hal_core_alloc(const char *name, hal_core_t **core); extern void hal_core_free(hal_core_t *core); extern void hal_critical_section_start(void); extern void hal_critical_section_end(void); -extern const int hal_core_busy(const hal_core_t *core); +extern int hal_core_busy(const hal_core_t *core); /* * Slightly higher level public API, still working directly with cores. @@ -302,7 +302,7 @@ static inline hal_hash_state_t *alloc_static_hash_state(void) #if HAL_STATIC_HASH_STATE_BLOCKS > 0 - for (int i = 0; i < sizeof(static_hash_state)/sizeof(*static_hash_state); i++) + for (size_t i = 0; i < sizeof(static_hash_state)/sizeof(*static_hash_state); i++) if ((static_hash_state[i].flags & STATE_FLAG_STATE_ALLOCATED) == 0) return &static_hash_state[i]; @@ -316,7 +316,7 @@ static inline hal_hmac_state_t *alloc_static_hmac_state(void) #if HAL_STATIC_HMAC_STATE_BLOCKS > 0 - for (int i = 0; i < sizeof(static_hmac_state)/sizeof(*static_hmac_state); i++) + for (size_t i = 0; i < sizeof(static_hmac_state)/sizeof(*static_hmac_state); i++) if ((static_hmac_state[i].hash_state.flags & STATE_FLAG_STATE_ALLOCATED) == 0) return &static_hmac_state[i]; @@ -347,8 +347,8 @@ static inline void swytebop(void *out_, const void * const in_, const size_t n, return; case 0x04030201: - for (int i = 0; i < n; i += w) - for (int j = 0; j < w && i + j < n; j++) + for (size_t i = 0; i < n; i += w) + for (size_t j = 0; j < w && i + j < n; j++) out[i + j] = in[i + w - j - 1]; return; 
@@ -647,7 +647,7 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state, /* Opaqu hal_error_t err; uint8_t *p; size_t n; - int i; + size_t i; if (state == NULL || digest_buffer == NULL) return HAL_ERROR_BAD_ARGUMENTS; @@ -745,7 +745,7 @@ hal_error_t hal_hmac_initialize(hal_core_t *core, const hal_hash_driver_t * const driver = check_driver(descriptor); hal_hmac_state_t *state = state_buffer; hal_error_t err; - int i; + size_t i; if (descriptor == NULL || driver == NULL || state_ == NULL) return HAL_ERROR_BAD_ARGUMENTS; @@ -54,14 +54,16 @@ const hal_uuid_t hal_ks_pin_uuid = {{0}}; * result, leave the lru values alone and the right thing will happen. */ +#define BLOCK_UNUSED (~0U) + hal_ks_block_t *hal_ks_cache_pick_lru(hal_ks_t *ks) { uint32_t best_delta = 0; int best_index = 0; - for (int i = 0; i < ks->cache_size; i++) { + for (unsigned i = 0; i < ks->cache_size; i++) { - if (ks->cache[i].blockno == ~0) + if (ks->cache[i].blockno == BLOCK_UNUSED) return &ks->cache[i].block; const unsigned delta = ks->cache_lru - ks->cache[i].lru; @@ -72,7 +74,7 @@ hal_ks_block_t *hal_ks_cache_pick_lru(hal_ks_t *ks) } - ks->cache[best_index].blockno = ~0; + ks->cache[best_index].blockno = BLOCK_UNUSED; return &ks->cache[best_index].block; } @@ -82,7 +84,7 @@ hal_ks_block_t *hal_ks_cache_pick_lru(hal_ks_t *ks) hal_ks_block_t *hal_ks_cache_find_block(const hal_ks_t * const ks, const unsigned blockno) { - for (int i = 0; i < ks->cache_size; i++) + for (unsigned i = 0; i < ks->cache_size; i++) if (ks->cache[i].blockno == blockno) return &ks->cache[i].block; return NULL; @@ -94,7 +96,7 @@ hal_ks_block_t *hal_ks_cache_find_block(const hal_ks_t * const ks, const unsigne void hal_ks_cache_mark_used(hal_ks_t *ks, const hal_ks_block_t * const block, const unsigned blockno) { - for (int i = 0; i < ks->cache_size; i++) { + for (unsigned i = 0; i < ks->cache_size; i++) { if (&ks->cache[i].block == block) { ks->cache[i].blockno = blockno; ks->cache[i].lru = ++ks->cache_lru; 
@@ -110,7 +112,7 @@ void hal_ks_cache_mark_used(hal_ks_t *ks, const hal_ks_block_t * const block, co void hal_ks_cache_release(hal_ks_t *ks, const hal_ks_block_t * const block) { if (block != NULL) - hal_ks_cache_mark_used(ks, block, ~0); + hal_ks_cache_mark_used(ks, block, BLOCK_UNUSED); } /* @@ -283,8 +285,8 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) ks->used = 0; - for (int i = 0; i < ks->cache_size; i++) - ks->cache[i].blockno = ~0; + for (unsigned i = 0; i < ks->cache_size; i++) + ks->cache[i].blockno = BLOCK_UNUSED; /* * Scan existing content of keystore to figure out what we've got. @@ -295,14 +297,14 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) hal_ks_block_type_t block_types[ks->size]; hal_ks_block_status_t block_status[ks->size]; hal_ks_block_t *block = hal_ks_cache_pick_lru(ks); - int first_erased = -1; + unsigned first_erased = BLOCK_UNUSED; hal_error_t err; uint16_t n = 0; if (block == NULL) return HAL_ERROR_IMPOSSIBLE; - for (int i = 0; i < ks->size; i++) { + for (unsigned i = 0; i < ks->size; i++) { /* * Read one block. If the CRC is bad or the block type is @@ -340,7 +342,7 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) * First erased block we see is head of the free list. */ - if (block_types[i] == HAL_KS_BLOCK_TYPE_ERASED && first_erased < 0) + if (block_types[i] == HAL_KS_BLOCK_TYPE_ERASED && first_erased == BLOCK_UNUSED) first_erased = i; /* 
@@ -378,22 +380,22 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) */ if (n < ks->size) - for (int i = 0; i < ks->size; i++) + for (unsigned i = 0; i < ks->size; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_ERASED) ks->index[n++] = i; - if (n < ks->size) - for (int i = first_erased; i < ks->size; i++) + if (n < ks->size && first_erased != BLOCK_UNUSED) + for (unsigned i = first_erased; i < ks->size; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_ZEROED) ks->index[n++] = i; - if (n < ks->size) - for (int i = 0; i < first_erased; i++) + if (n < ks->size && first_erased != BLOCK_UNUSED) + for (unsigned i = 0; i < first_erased; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_ZEROED) ks->index[n++] = i; if (n < ks->size) - for (int i = 0; i < ks->size; i++) + for (unsigned i = 0; i < ks->size; i++) if (block_types[i] == HAL_KS_BLOCK_TYPE_UNKNOWN) ks->index[n++] = i; @@ -427,16 +429,16 @@ hal_error_t hal_ks_init_common(hal_ks_t *ks) return err; if (b_tomb != ks->index[where]) { - if (ks->used > where + 1 && b_tomb == ks->index[where + 1]) + if ((int)ks->used > where + 1 && b_tomb == ks->index[where + 1]) where = where + 1; - else if (0 <= where - 1 && b_tomb == ks->index[where - 1]) + else if (0 <= where - 1 && b_tomb == ks->index[where - 1]) where = where - 1; else return HAL_ERROR_IMPOSSIBLE; } - const int matches_next = where + 1 < ks->used && !hal_uuid_cmp(&name, &ks->names[ks->index[where + 1]]); - const int matches_prev = where - 1 >= 0 && !hal_uuid_cmp(&name, &ks->names[ks->index[where - 1]]); + const int matches_next = where + 1 < (int)ks->used && !hal_uuid_cmp(&name, &ks->names[ks->index[where + 1]]); + const int matches_prev = where - 1 >= 0 && !hal_uuid_cmp(&name, &ks->names[ks->index[where - 1]]); if ((matches_prev && matches_next) || (matches_prev && block_status[ks->index[b_tomb - 1]] != HAL_KS_BLOCK_STATUS_LIVE) || 
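Review bot: With the new `first_erased != BLOCK_UNUSED` guards in hal_ks_init_common, a keystore that holds ZEROED blocks but no ERASED block skips both ZEROED passes, so those blocks are never appended to `ks->index`. If that state can occur, starting the scan at zero keeps them on the free list: `const unsigned start = first_erased == BLOCK_UNUSED ? 0 : first_erased;`, then loop `start..ks->size` and `0..start`. Whether a later check catches `n < ks->size` is outside the hunk. Either way the sentinel case deserves a comment next to the guards saying what is meant to happen when no erased block was seen.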
@@ -738,7 +740,7 @@ hal_error_t hal_ks_match(hal_ks_t *ks, else if (err != HAL_OK) goto done; - while (*result_len < result_max && ++i < ks->used) { + while (*result_len < result_max && ++i < (int)ks->used) { unsigned b = ks->index[i]; @@ -774,7 +776,7 @@ hal_error_t hal_ks_match(hal_ks_t *ks, if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, NULL)) != HAL_OK) goto done; - for (int j = 0; possible && j < attributes_len; j++) { + for (unsigned j = 0; possible && j < attributes_len; j++) { if (!need_attr[j]) continue; @@ -840,7 +842,7 @@ hal_error_t hal_ks_set_attributes(hal_ks_t *ks, if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, &total)) != HAL_OK) goto done; - for (int i = 0; err == HAL_OK && i < attributes_len; i++) + for (unsigned i = 0; err == HAL_OK && i < attributes_len; i++) if (attributes[i].length == HAL_PKEY_ATTRIBUTE_NIL) err = hal_ks_attribute_delete(bytes, bytes_len, attrs, attrs_len, &total, attributes[i].type); @@ -872,7 +874,7 @@ hal_error_t hal_ks_get_attributes(hal_ks_t *ks, attributes_buffer == NULL) return HAL_ERROR_BAD_ARGUMENTS; - for (int i = 0; i < attributes_len; i++) { + for (unsigned i = 0; i < attributes_len; i++) { attributes[i].length = 0; attributes[i].value = NULL; } @@ -910,12 +912,12 @@ hal_error_t hal_ks_get_attributes(hal_ks_t *ks, if ((err = hal_ks_attribute_scan(bytes, bytes_len, attrs, *attrs_len, NULL)) != HAL_OK) goto done; - for (int i = 0; i < attributes_len; i++) { + for (unsigned i = 0; i < attributes_len; i++) { if (attributes[i].length > 0) continue; - int j = 0; + unsigned j = 0; while (j < *attrs_len && attrs[j].type != attributes[i].type) j++; if (j >= *attrs_len) 
@@ -927,7 +929,7 @@ hal_error_t hal_ks_get_attributes(hal_ks_t *ks, if (attributes_buffer_len == 0) continue; - if (attrs[j].length > attributes_buffer + attributes_buffer_len - abuf) { + if (attrs[j].length > (size_t)(attributes_buffer + attributes_buffer_len - abuf)) { err = HAL_ERROR_RESULT_TOO_LONG; goto done; } @@ -139,6 +139,7 @@ typedef struct { #endif } hal_ks_pin_block_t; +#define FLASH_KEK_NOT_SET 0 #define FLASH_KEK_SET 0x33333333 /* diff --git a/ks_attribute.c b/ks_attribute.c index ec674f5..1eefefb 100644 --- a/ks_attribute.c +++ b/ks_attribute.c @@ -89,7 +89,7 @@ hal_error_t hal_ks_attribute_scan(const uint8_t * const bytes, const size_t byte const uint8_t *b = bytes; const uint8_t * const end = bytes + bytes_len; - for (int i = 0; i < attributes_len; i++) { + for (unsigned i = 0; i < attributes_len; i++) { uint32_t type; size_t length; hal_error_t err = read_header(b, end - b, &type, &length); @@ -125,7 +125,7 @@ hal_error_t hal_ks_attribute_delete(uint8_t *bytes, const size_t bytes_len, * attribute of any given type. */ - int i = 0; + unsigned i = 0; while (i < *attributes_len && attributes[i].type != type) i++; @@ -55,7 +55,7 @@ static int ks_find(const hal_ks_t * const ks, if (ks == NULL || ks->index == NULL || ks->names == NULL || uuid == NULL || where == NULL) return 0; - if (hint != NULL && *hint >= 0 && *hint < ks->used && + if (hint != NULL && *hint >= 0 && *hint < (int)ks->used && hal_uuid_cmp(uuid, &ks->names[ks->index[*hint]]) == 0) { *where = *hint; return 1; @@ -153,7 +153,7 @@ hal_error_t hal_ks_index_fsck(hal_ks_t *ks) ks->size == 0 || ks->used > ks->size) return HAL_ERROR_BAD_ARGUMENTS; - for (int i = 1; i < ks->used; i++) + for (unsigned i = 1; i < ks->used; i++) if (hal_uuid_cmp(&ks->names[ks->index[i - 1]], &ks->names[ks->index[i]]) >= 0) return HAL_ERROR_KS_INDEX_UUID_MISORDERED; @@ -52,7 +52,7 @@ #include "last_gasp_pin_internal.h" -#define HAL_OK CMIS_HAL_OK +#define HAL_OK CMSIS_HAL_OK #include "stm-keystore.h" #undef HAL_OK 
@@ -106,10 +106,9 @@ static hal_error_t ks_token_read(hal_ks_t *ks, const unsigned blockno, hal_ks_bl if (ks != hal_ks_token || block == NULL || blockno >= NUM_FLASH_BLOCKS || sizeof(*block) != HAL_KS_BLOCK_SIZE) return HAL_ERROR_IMPOSSIBLE; - /* Sigh, magic numeric return codes */ if (keystore_read_data(ks_token_offset(blockno), block->bytes, - KEYSTORE_PAGE_SIZE) != 1) + KEYSTORE_PAGE_SIZE) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; switch (hal_ks_block_get_type(block)) { @@ -131,10 +130,9 @@ static hal_error_t ks_token_read(hal_ks_t *ks, const unsigned blockno, hal_ks_bl return HAL_ERROR_KEYSTORE_BAD_BLOCK_TYPE; } - /* Sigh, magic numeric return codes */ if (keystore_read_data(ks_token_offset(blockno) + KEYSTORE_PAGE_SIZE, block->bytes + KEYSTORE_PAGE_SIZE, - sizeof(*block) - KEYSTORE_PAGE_SIZE) != 1) + sizeof(*block) - KEYSTORE_PAGE_SIZE) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; if (hal_ks_block_calculate_crc(block) != block->header.crc) @@ -158,14 +156,12 @@ static hal_error_t ks_token_deprecate(hal_ks_t *ks, const unsigned blockno) hal_ks_block_header_t *header = (void *) page; uint32_t offset = ks_token_offset(blockno); - /* Sigh, magic numeric return codes */ - if (keystore_read_data(offset, page, sizeof(page)) != 1) + if (keystore_read_data(offset, page, sizeof(page)) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; header->block_status = HAL_KS_BLOCK_STATUS_TOMBSTONE; - /* Sigh, magic numeric return codes */ - if (keystore_write_data(offset, page, sizeof(page)) != 1) + if (keystore_write_data(offset, page, sizeof(page)) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; return HAL_OK; 
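Review bot: Replacing `!= 1` with `!= CMSIS_HAL_OK` changes which return value counts as success for keystore_read_data, keystore_write_data and keystore_erase_subsector, and neither the value of `CMSIS_HAL_OK` nor a matching change in stm-keystore.h is visible here. If the driver still returned 1 on success while `CMSIS_HAL_OK` is 0, a failed flash operation would be accepted as success and block contents would be trusted without having been read or written. The removed "magic numeric return codes" comments should be replaced by one that states the new contract, e.g. `/* keystore_*() return the STM32 HAL status; CMSIS_HAL_OK is its HAL_OK, renamed by the #define above */`, assuming that is what the driver now does. The same comparison is changed in ks_token_zero, ks_token_erase, ks_token_erase_maybe and ks_token_write in the hunks that follow.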
@@ -182,8 +178,7 @@ static hal_error_t ks_token_zero(hal_ks_t *ks, const unsigned blockno) uint8_t page[KEYSTORE_PAGE_SIZE] = {0}; - /* Sigh, magic numeric return codes */ - if (keystore_write_data(ks_token_offset(blockno), page, sizeof(page)) != 1) + if (keystore_write_data(ks_token_offset(blockno), page, sizeof(page)) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; return HAL_OK; @@ -202,8 +197,7 @@ static hal_error_t ks_token_erase(hal_ks_t *ks, const unsigned blockno) const unsigned end = (blockno + 1) * SUBSECTORS_PER_BLOCK; do { - /* Sigh, magic numeric return codes */ - if (keystore_erase_subsector(subsector) != 1) + if (keystore_erase_subsector(subsector) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; } while (++subsector < end); @@ -229,7 +223,7 @@ static hal_error_t ks_token_erase_maybe(hal_ks_t *ks, const unsigned blockno) for (uint32_t a = ks_token_offset(blockno); a < ks_token_offset(blockno + 1); a += KEYSTORE_PAGE_SIZE) { uint8_t page[KEYSTORE_PAGE_SIZE]; - if (keystore_read_data(a, page, sizeof(page)) != 1) + if (keystore_read_data(a, page, sizeof(page)) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; for (int i = 0; i < KEYSTORE_PAGE_SIZE; i++) mask &= page[i]; @@ -261,8 +255,7 @@ static hal_error_t ks_token_write(hal_ks_t *ks, const unsigned blockno, hal_ks_b break; } - /* Sigh, magic numeric return codes */ - if (keystore_write_data(ks_token_offset(blockno), block->bytes, sizeof(*block)) != 1) + if (keystore_write_data(ks_token_offset(blockno), block->bytes, sizeof(*block)) != CMSIS_HAL_OK) return HAL_ERROR_KEYSTORE_ACCESS; return HAL_OK; @@ -417,7 +410,7 @@ hal_ks_t * const hal_ks_token = &_db.ks; void hal_ks_init_read_only_pins_only(void) { - unsigned b, best_seen = ~0; + unsigned b, best_seen = NUM_FLASH_BLOCKS; hal_ks_block_t block[1]; hal_ks_lock(); 
@@ -431,11 +424,11 @@ void hal_ks_init_read_only_pins_only(void) break; } - if (b != best_seen && best_seen != ~0 && + if (b != best_seen && best_seen != NUM_FLASH_BLOCKS && hal_ks_block_read(hal_ks_token, best_seen, block) != HAL_OK) - best_seen = ~0; + best_seen = NUM_FLASH_BLOCKS; - if (best_seen == ~0) { + if (best_seen == NUM_FLASH_BLOCKS) { memset(block, 0xFF, sizeof(*block)); block->pin.wheel_pin = hal_last_gasp_pin; } @@ -653,7 +646,7 @@ hal_error_t hal_mkm_flash_erase(const size_t len) hal_ks_pin_block_t new_data = block->pin; - new_data.kek_set = FLASH_KEK_SET; + new_data.kek_set = FLASH_KEK_NOT_SET; memset(new_data.kek, 0, len); err = update_pin_block(b, block, &new_data); diff --git a/ks_volatile.c b/ks_volatile.c index 1586f3d..2d0abd4 100644 --- a/ks_volatile.c +++ b/ks_volatile.c @@ -227,7 +227,7 @@ static hal_error_t ks_volatile_logout(hal_ks_t *ks, if (ks != hal_ks_volatile || client.handle == HAL_HANDLE_NONE) return HAL_ERROR_IMPOSSIBLE; - for (int i = 0; i < ks->used; i++) { + for (unsigned i = 0; i < ks->used; i++) { unsigned b = ks->index[i]; hal_error_t err; int hint = i; @@ -90,7 +90,6 @@ hal_error_t hal_pbkdf2(hal_core_t *core, unsigned iteration; hal_error_t err; uint32_t block; - int i; if (descriptor == NULL || password == NULL || salt == NULL || derived_key == NULL || derived_key_length == 0 || @@ -108,13 +107,6 @@ hal_error_t hal_pbkdf2(hal_core_t *core, memset(result, 0, sizeof(result)); memset(mac, 0, sizeof(mac)); -#if 1 - /* HACK - find the second sha256 core, to avoid interfering with rpc. - */ - core = hal_core_find(descriptor->core_name, NULL); - core = hal_core_find(descriptor->core_name, core); -#endif - /* * We probably should check here to see whether the password is * longer than the HMAC block size, and, if so, we should hash the 
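Review bot: The switch from `FLASH_KEK_SET` to `FLASH_KEK_NOT_SET` in hal_mkm_flash_erase is a behaviour change rather than a warning fix: after it, an erased KEK is recorded as absent instead of as a set, all-zero key. It should be called out in the commit message and on the line itself, e.g. `/* mark the KEK as absent so the zeroed bytes are not taken for a key */`. Separately, `memset(new_data.kek, 0, len)` relies on the caller's `len`; if `len` is not checked against the field size earlier in the function (not visible in the hunk), `memset(new_data.kek, 0, sizeof(new_data.kek));` is the safer form.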
@@ -153,7 +145,7 @@ hal_error_t hal_pbkdf2(hal_core_t *core, 0, mac, sizeof(mac))) != HAL_OK) return err; - for (i = 0; i < descriptor->digest_length; i++) + for (size_t i = 0; i < descriptor->digest_length; i++) result[i] ^= mac[i]; } @@ -352,7 +352,7 @@ hal_error_t hal_rpc_pkey_match(const hal_client_handle_t client, return HAL_ERROR_BAD_ARGUMENTS; if (attributes != NULL) - for (int i = 0; i < attributes_len; i++) + for (size_t i = 0; i < attributes_len; i++) if (attributes[i].value == NULL) return HAL_ERROR_BAD_ARGUMENTS; @@ -93,7 +93,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac) #if HAL_STATIC_HASH_STATE_BLOCKS > 0 if (!is_hmac) { - for (int i = 0; i < sizeof(hash_handle)/sizeof(*hash_handle); i++) { + for (size_t i = 0; i < sizeof(hash_handle)/sizeof(*hash_handle); i++) { if (hash_handle[i].state.hash != NULL) continue; hash_handle[i].hash_handle.handle = i | glop; @@ -104,7 +104,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac) #if HAL_STATIC_HMAC_STATE_BLOCKS > 0 if (is_hmac) { - for (int i = 0; i < sizeof(hmac_handle)/sizeof(*hmac_handle); i++) { + for (size_t i = 0; i < sizeof(hmac_handle)/sizeof(*hmac_handle); i++) { if (hmac_handle[i].state.hmac != NULL) continue; hmac_handle[i].hash_handle.handle = i | glop | HANDLE_FLAG_HMAC; @@ -124,7 +124,7 @@ static inline handle_slot_t *alloc_handle(const int is_hmac) static inline handle_slot_t *find_handle(const hal_hash_handle_t handle) { #if HAL_STATIC_HASH_STATE_BLOCKS > 0 || HAL_STATIC_HMAC_STATE_BLOCKS > 0 - const int i = (int) (handle.handle & 0xFFFF); + const size_t i = (size_t) (handle.handle & 0xFFFF); const int is_hmac = (handle.handle & HANDLE_FLAG_HMAC) != 0; #endif 
@@ -116,12 +116,12 @@ static inline hal_error_t alloc_slot(const hal_client_handle_t client, #if HAL_STATIC_CLIENT_STATE_BLOCKS > 0 - for (int i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) + for (size_t i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) if (client_handle[i].logged_in != HAL_USER_NONE && client_handle[i].handle.handle == client.handle) slot = &client_handle[i]; - for (int i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) + for (size_t i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) if (client_handle[i].logged_in == HAL_USER_NONE) slot = &client_handle[i]; @@ -161,7 +161,7 @@ static inline client_slot_t *find_handle(const hal_client_handle_t handle) hal_critical_section_start(); #if HAL_STATIC_CLIENT_STATE_BLOCKS > 0 - for (int i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) + for (size_t i = 0; slot == NULL && i < sizeof(client_handle)/sizeof(*client_handle); i++) if (client_handle[i].logged_in != HAL_USER_NONE && client_handle[i].handle.handle == handle.handle) slot = &client_handle[i]; #endif @@ -191,7 +191,7 @@ static hal_error_t login(const hal_client_handle_t client, return err; unsigned diff = 0; - for (int i = 0; i < sizeof(buf); i++) + for (size_t i = 0; i < sizeof(buf); i++) diff |= buf[i] ^ p->pin[i]; if (diff != 0) { @@ -227,7 +227,7 @@ static hal_error_t logout_all(void) client_slot_t *slot; hal_error_t err; - int i = 0; + size_t i = 0; do { @@ -78,7 +78,7 @@ static inline hal_pkey_slot_t *alloc_slot(const hal_key_flags_t flags) if ((flags & HAL_KEY_FLAG_TOKEN) != 0) glop |= HAL_PKEY_HANDLE_TOKEN_FLAG; - for (int i = 0; slot == NULL && i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) { + for (size_t i = 0; slot == NULL && i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) { if (pkey_slot[i].pkey.handle != HAL_HANDLE_NONE) continue; memset(&pkey_slot[i], 0, sizeof(pkey_slot[i])); 
@@ -118,7 +118,7 @@ static inline hal_pkey_slot_t *find_handle(const hal_pkey_handle_t handle) hal_critical_section_start(); #if HAL_STATIC_PKEY_STATE_BLOCKS > 0 - const int i = (int) (handle.handle & 0xFFFF); + const size_t i = handle.handle & 0xFFFF; if (i < sizeof(pkey_slot)/sizeof(*pkey_slot) && pkey_slot[i].pkey.handle == handle.handle) slot = &pkey_slot[i]; @@ -145,7 +145,7 @@ hal_error_t hal_pkey_logout(const hal_client_handle_t client) hal_critical_section_start(); - for (int i = 0; i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) + for (size_t i = 0; i < sizeof(pkey_slot)/sizeof(*pkey_slot); i++) if (pkey_slot[i].pkey.handle == client.handle) memset(&pkey_slot[i], 0, sizeof(pkey_slot[i])); @@ -907,7 +907,7 @@ static hal_error_t pkey_local_verify_rsa(uint8_t *keybuf, const size_t keybuf_le return err; unsigned diff = 0; - for (int i = 0; i < signature_len; i++) + for (size_t i = 0; i < signature_len; i++) diff |= expected[i] ^ received[i + sizeof(received) - sizeof(expected)]; if (diff != 0) diff --git a/rpc_server.c b/rpc_server.c index f64d7d6..4a5fa4c 100644 --- a/rpc_server.c +++ b/rpc_server.c @@ -74,7 +74,7 @@ static hal_error_t get_random(const uint8_t **iptr, const uint8_t * const ilimit check(hal_xdr_decode_int(iptr, ilimit, &client.handle)); check(hal_xdr_decode_int(iptr, ilimit, &length)); /* sanity check length */ - if (length == 0 || length > olimit - *optr - 4) + if (length == 0 || length > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -206,7 +206,7 @@ static hal_error_t hash_get_digest_algorithm_id(const uint8_t **iptr, const uint check(hal_xdr_decode_int(iptr, ilimit, &alg)); check(hal_xdr_decode_int(iptr, ilimit, &len_max)); /* sanity check len_max */ - if (len_max > olimit - *optr - 4) + if (len_max > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ 
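Review bot: The cast in get_random's bound, `length > (uint32_t)(olimit - *optr - 4)`, hides a case the check does not cover. When fewer than 4 bytes remain in the output buffer the difference is negative, the cast turns it into a value near UINT32_MAX, and any `length` decoded from the request passes. Testing the remaining space first closes that: `if (olimit - *optr < 4 || length == 0 || length > (uint32_t)(olimit - *optr - 4))`. The same applies to hash_get_digest_algorithm_id, hash_finalize, pkey_get_public_key and pkey_sign. Whether the dispatcher guarantees at least 4 free bytes is not visible in these hunks.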
@@ -301,7 +301,7 @@ static hal_error_t hash_finalize(const uint8_t **iptr, const uint8_t * const ili check(hal_xdr_decode_int(iptr, ilimit, &hash.handle)); check(hal_xdr_decode_int(iptr, ilimit, &length)); /* sanity check length */ - if (length == 0 || length > olimit - *optr - 4) + if (length == 0 || length > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -559,7 +559,7 @@ static hal_error_t pkey_get_public_key(const uint8_t **iptr, const uint8_t * con check(hal_xdr_decode_int(iptr, ilimit, &pkey.handle)); check(hal_xdr_decode_int(iptr, ilimit, &len_max)); /* sanity check len_max */ - if (len_max > olimit - *optr - 4) + if (len_max > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -597,7 +597,7 @@ static hal_error_t pkey_sign(const uint8_t **iptr, const uint8_t * const ilimit, check(hal_xdr_decode_buffer_in_place(iptr, ilimit, &input, &input_len)); check(hal_xdr_decode_int(iptr, ilimit, &sig_max)); /* sanity check sig_max */ - if (sig_max > olimit - *optr - 4) + if (sig_max > (uint32_t)(olimit - *optr - 4)) return HAL_ERROR_RPC_PACKET_OVERFLOW; /* call the local function */ @@ -657,7 +657,7 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit hal_pkey_attribute_t attributes[attributes_len > 0 ? attributes_len : 1]; - for (int i = 0; i < attributes_len; i++) { + for (size_t i = 0; i < attributes_len; i++) { hal_pkey_attribute_t *a = &attributes[i]; const uint8_t *value; uint32_t value_len; @@ -690,7 +690,7 @@ static hal_error_t pkey_match(const uint8_t **iptr, const uint8_t * const ilimit if (ret == HAL_OK) ret = hal_xdr_encode_int(optr, olimit, result_len); - for (int i = 0; ret == HAL_OK && i < result_len; ++i) + for (size_t i = 0; ret == HAL_OK && i < result_len; ++i) ret = hal_xdr_encode_buffer(optr, olimit, result[i].uuid, sizeof(result[i].uuid)); if (ret != HAL_OK) 
@@ -713,7 +713,7 @@ static hal_error_t pkey_set_attributes(const uint8_t **iptr, const uint8_t * con hal_pkey_attribute_t attributes[attributes_len > 0 ? attributes_len : 1]; - for (int i = 0; i < attributes_len; i++) { + for (size_t i = 0; i < attributes_len; i++) { hal_pkey_attribute_t *a = &attributes[i]; check(hal_xdr_decode_int(iptr, ilimit, &a->type)); const uint8_t *iptr_prior_to_decoding_length = *iptr; @@ -749,14 +749,14 @@ static hal_error_t pkey_get_attributes(const uint8_t **iptr, const uint8_t * con hal_pkey_attribute_t attributes[attributes_len > 0 ? attributes_len : 1]; - for (int i = 0; i < attributes_len; i++) + for (size_t i = 0; i < attributes_len; i++) check(hal_xdr_decode_int(iptr, ilimit, &attributes[i].type)); check(hal_xdr_decode_int(iptr, ilimit, &u32)); const size_t attributes_buffer_len = u32; - if (nargs(1 + 2 * attributes_len) + attributes_buffer_len > olimit - *optr) + if (nargs(1 + 2 * attributes_len) + attributes_buffer_len > (uint32_t)(olimit - *optr)) return HAL_ERROR_RPC_PACKET_OVERFLOW; uint8_t attributes_buffer[attributes_buffer_len > 0 ? attributes_buffer_len : 1]; @@ -766,7 +766,7 @@ static hal_error_t pkey_get_attributes(const uint8_t **iptr, const uint8_t * con if (ret == HAL_OK) { ret = hal_xdr_encode_int(optr, olimit, attributes_len); - for (int i = 0; ret == HAL_OK && i < attributes_len; i++) { + for (size_t i = 0; ret == HAL_OK && i < attributes_len; i++) { ret = hal_xdr_encode_int(optr, olimit, attributes[i].type); if (ret != HAL_OK) break; @@ -830,7 +830,7 @@ static hal_error_t find_prime(const unsigned prime_length, fp_read_unsigned_bin(result, buffer, sizeof(buffer)); - for (int i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) { + for (size_t i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) { fp_digit d; fp_mod_d(result, small_prime[i], &d); remainder[i] = d; 
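Review bot: In pkey_get_attributes the bound `nargs(1 + 2 * attributes_len) + attributes_buffer_len > (uint32_t)(olimit - *optr)` adds the two terms before comparing, so on a target with a 32-bit `size_t` the sum can wrap and an oversized `attributes_buffer_len` can pass. That value then sizes the `attributes_buffer` array on the stack. Checking the terms separately avoids the wrap, e.g. `attributes_buffer_len > (size_t)(olimit - *optr) || nargs(1 + 2 * attributes_len) > (size_t)(olimit - *optr) - attributes_buffer_len`. Any earlier limit on `attributes_len` is outside the hunk.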
@@ -839,10 +839,10 @@ static hal_error_t find_prime(const unsigned prime_length, for (;;) { int possible = 1; - for (int i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) + for (size_t i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) possible &= remainder[i] != 0; - for (int i = 0; possible && i < HAL_RSA_MILLER_RABIN_TESTS; i++) { + for (size_t i = 0; possible && i < HAL_RSA_MILLER_RABIN_TESTS; i++) { fp_set(t, small_prime[i]); fp_prime_miller_rabin(result, t, &possible); } @@ -860,7 +860,7 @@ static hal_error_t find_prime(const unsigned prime_length, fp_add_d(result, 2, result); - for (int i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) + for (size_t i = 0; i < sizeof(small_prime)/sizeof(*small_prime); i++) if ((remainder[i] += 2) >= small_prime[i]) remainder[i] -= small_prime[i]; } @@ -85,7 +85,7 @@ hal_error_t hal_slip_send(const uint8_t * const buf, const size_t len) /* for each byte in the packet, send the appropriate character * sequence */ - for (int i = 0; i < len; ++i) { + for (size_t i = 0; i < len; ++i) { hal_error_t ret; if ((ret = hal_slip_send_char(buf[i])) != HAL_OK) return ret; diff --git a/tests/test-aes-key-wrap.c b/tests/test-aes-key-wrap.c index 5ecd46d..aa894cc 100644 --- a/tests/test-aes-key-wrap.c +++ b/tests/test-aes-key-wrap.c @@ -163,7 +163,7 @@ static int run_test(hal_core_t *core, return ok1 && ok2; } -int main (int argc, char *argv[]) +int main(void) { int failures = 0; diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c index da2b367..fe04a87 100644 --- a/tests/test-ecdsa.c +++ b/tests/test-ecdsa.c @@ -359,7 +359,7 @@ static void show_core(const hal_core_t *core, const char *whinge) printf("%s core not present\n", whinge); } -int main(int argc, char *argv[]) +int main(void) { const hal_core_t *sha256_core = hal_core_find(SHA256_NAME, NULL); const hal_core_t *sha512_core = hal_core_find(SHA512_NAME, NULL); diff --git a/tests/test-hash.c b/tests/test-hash.c index 4e78243..20bd446 100644 
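Review bot: The Miller-Rabin loop in find_prime indexes `small_prime[i]` while bounding `i` only by `HAL_RSA_MILLER_RABIN_TESTS`, whereas the neighbouring loops are bounded by `sizeof(small_prime)/sizeof(*small_prime)`. Nothing visible ties the two together, so raising the test count past the table size would read beyond the array. A compile-time check next to the table would pin the relation, for example `_Static_assert(HAL_RSA_MILLER_RABIN_TESTS <= sizeof(small_prime)/sizeof(*small_prime), "not enough small primes for Miller-Rabin bases");` if the build is C11. Otherwise add the array bound to the loop condition. Both definitions are outside the hunk.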
--- a/tests/test-hash.c +++ b/tests/test-hash.c @@ -652,7 +652,7 @@ static void show_core(hal_core_t *core, const char *whinge) printf("%s core not present\n", whinge); } -int main (int argc, char *argv[]) +int main(void) { hal_core_t * const sha1_core = hal_core_find(SHA1_NAME, NULL); hal_core_t * const sha256_core = hal_core_find(SHA256_NAME, NULL); diff --git a/tests/test-pbkdf2.c b/tests/test-pbkdf2.c index f3072a7..603a833 100644 --- a/tests/test-pbkdf2.c +++ b/tests/test-pbkdf2.c @@ -196,7 +196,7 @@ static int _test_pbkdf2(hal_core_t *core, pbkdf2_tc_##_n_##_DK, sizeof(pbkdf2_tc_##_n_##_DK), \ pbkdf2_tc_##_n_##_count, #_n_) -int main (int argc, char *argv[]) +int main(void) { hal_core_t *core = hal_core_find(SHA1_NAME, NULL); int ok = 1; diff --git a/tests/test-rsa.c b/tests/test-rsa.c index e73feea..176ba03 100644 --- a/tests/test-rsa.c +++ b/tests/test-rsa.c @@ -305,7 +305,7 @@ static int test_rsa(hal_core_t *core, const rsa_tc_t * const tc) return ok; } -int main(int argc, char *argv[]) +int main(void) { hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL); if (core == NULL) @@ -323,7 +323,7 @@ int main(int argc, char *argv[]) /* Normal test */ - for (int i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++) + for (size_t i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++) if (!test_rsa(core, &rsa_tc[i])) return 1; diff --git a/utils/cores.c b/utils/cores.c index b055dea..1126e85 100644 --- a/utils/cores.c +++ b/utils/cores.c @@ -42,7 +42,7 @@ #include <hal.h> #include <verilog_constants.h> -int main(int argc, char *argv[]) +int main(void) { hal_core_t *core; const hal_core_info_t *info; @@ -34,6 +34,7 @@ #include <stdio.h> #include <stdint.h> +#include <stddef.h> /* ptrdiff_t */ #include <string.h> /* memcpy, memset */ #include "hal.h" 
@@ -52,7 +53,7 @@ hal_error_t hal_xdr_encode_int(uint8_t ** const outbuf, const uint8_t * const li return HAL_ERROR_BAD_ARGUMENTS; /* buffer overflow check */ - if (limit - *outbuf < sizeof(value)) + if (limit - *outbuf < (ptrdiff_t)sizeof(value)) return HAL_ERROR_XDR_BUFFER_OVERFLOW; **(uint32_t **)outbuf = htonl(value); @@ -67,7 +68,7 @@ hal_error_t hal_xdr_decode_int(const uint8_t ** const inbuf, const uint8_t * con return HAL_ERROR_BAD_ARGUMENTS; /* buffer overflow check */ - if (limit - *inbuf < sizeof(*value)) + if (limit - *inbuf < (ptrdiff_t)sizeof(*value)) return HAL_ERROR_XDR_BUFFER_OVERFLOW; *value = ntohl(**(uint32_t **)inbuf); @@ -101,7 +102,7 @@ hal_error_t hal_xdr_encode_buffer(uint8_t **outbuf, const uint8_t * const limit, return HAL_ERROR_BAD_ARGUMENTS; /* buffer overflow check */ - if ((limit - *outbuf) < (((len + 3) & ~3) + sizeof(len))) + if (limit - *outbuf < (ptrdiff_t)(((len + 3) & ~3) + sizeof(len))) return HAL_ERROR_XDR_BUFFER_OVERFLOW; /* encode length */ @@ -144,7 +145,7 @@ hal_error_t hal_xdr_decode_buffer_in_place(const uint8_t **inbuf, const uint8_t /* decoded length is past the end of the input buffer; * we're probably out of sync, but nothing we can do now */ - if (limit - *inbuf < xdr_len) { + if (limit - *inbuf < (ptrdiff_t)xdr_len) { /* undo read of length */ *inbuf = orig_inbuf; return HAL_ERROR_XDR_BUFFER_OVERFLOW; |
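Review bot: `**(uint32_t **)outbuf = htonl(value);` in hal_xdr_encode_int stores a 32-bit word through a `uint8_t` buffer pointer, which relies on `*outbuf` being 4-byte aligned and runs against strict aliasing; the hunk does not show the alignment being guaranteed. Since `<string.h>` is already included for memcpy, `const uint32_t v = htonl(value); memcpy(*outbuf, &v, sizeof(v));` does the same without the cast. hal_xdr_decode_int has the mirror-image load `ntohl(**(uint32_t **)inbuf)`.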
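Review bot: Casting the length side to `ptrdiff_t` in hal_xdr_encode_buffer weakens the overflow check where `ptrdiff_t` is 32 bits: a `len` of 0x80000000 or more converts to a negative number on the usual implementations, `limit - *outbuf < negative` is false, and the function proceeds as if the buffer had room. The old unsigned comparison rejected those values. hal_xdr_decode_buffer_in_place has the same problem with `(ptrdiff_t)xdr_len`, and there the length is derived from the input packet. I would keep the comparison unsigned after ruling out a negative difference, e.g. `if (limit < *inbuf || (size_t)(limit - *inbuf) < xdr_len)`, and likewise on the encode side; this assumes `len` and `xdr_len` are 32-bit unsigned, since their declarations are outside the hunks.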