From patchwork Wed Oct 8 09:28:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4477 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:7d42:b0:72f:f16c:e055 with SMTP id fr2csp802296mab; Wed, 8 Oct 2025 02:29:12 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVJ+GJkcIDJrSYa4+x5uq25hfPw+ouKaumJ/fM7xD4QL840H2lK6hfbnmoWjwSIYNgNzvjElZ+5ARA=@openvpn.net X-Google-Smtp-Source: AGHT+IFAnAXyMrc8vtCIrf16XeQJrxHBysw9/TyE/r5XA5INnNkc8kD/HSFIYqbUnlmq8Ws45E+M X-Received: by 2002:a05:6808:2293:b0:43b:252e:f7aa with SMTP id 5614622812f47-4417b30ae7bmr1405781b6e.21.1759915752429; Wed, 08 Oct 2025 02:29:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1759915752; cv=none; d=google.com; s=arc-20240605; b=PYe2+9RRnlF7DLS1aEFeVRKVReepUuzXWU3FsSJD0HUduH2AIjxWiBYMSecCzhlaus Y9XadWhtJ3WDqSSyATkNyqnsuCwV6Sn4hH07JwMqCWBxJZ/7USW9uraW8o1jjVN/59h9 pdzQUjM211v4nbLhAiTgq99Kule3a+qg8ZrF8nfa2zOnqd90dp56/HwSLBvlFUT2+Hri JrpQ3xWkU1vVECANToa85kWG6F0dw0PX3ENA+gCbdG+OMSiIXyKqO0KvY5RXm6mJmuU+ f7pjBJQ6E3O6ysxwnK0ANcxjnM3qd/to07oP2PUOAWPmQ9vvI0hlXEnncJ0+wbqyTAuK Ul4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=zw/ePHT4Q1b96vMn9vpr7+3wlrHR1Fg+o77H42TWumA=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=Fc9H9bFtbNZ11UVXLzPeOH86xiEcJM7TqS5qZdR7mz3GpoSmwP7JnEjUqhq/3aD0+i fKE0JROFDSERd2wBymHr38ShgFX6ajQBISLy5QlyXJP4OkLES0wkFdMPK3FmwkDwzTmF nEqrtYByPf+eDKS7lHjaUjofOiYmInTO4plsz8g50pqdykuRfSdgBs1ndtvIiLOYc96n kgbdMGPP2Vedz81FDqB1S7yqjHBMBIkg06Tuehuv4mLNO8wfu1vQSJi0eOYq9fpPR+bB /lELWJsQeOcGizo3vx3JIxx2/kYdcWL1XnVeUI1+PbfmGkaCgnE9bWWq5SiNgjnGDbWG n2PA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=NH7hH0lK; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=QTPaAi3S; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=efTpeddp; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 5614622812f47-43fc195ada2si3612202b6e.253.2025.10.08.02.29.12 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Oct 2025 02:29:12 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=NH7hH0lK; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=QTPaAi3S; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=efTpeddp; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=zw/ePHT4Q1b96vMn9vpr7+3wlrHR1Fg+o77H42TWumA=; b=NH7hH0lKaGSqVqjTQ/5JVjQ0vW 0m7H/jecim3Vsva6iO/OklVdzNLAiuaN9Ga3kS2ZL89vZKzKguhrUyzMPEylbPMIb1tBASKD4XQJx oCTJXJAxirsc+i+g5PBDjG3w1bpCeSrb0oK/uVuhG1sktx6oXV8oPD0DIPwVB5KonFBo=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1v6QTu-0002Ay-AE; Wed, 08 Oct 2025 09:29:10 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1v6QTs-0002Ao-IK for openvpn-devel@lists.sourceforge.net; Wed, 08 Oct 2025 09:29:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=rmtMhhMcIF3S/gPZ2to31IByQsVXFhdp0wTtqUms3Io=; b=QTPaAi3S3kya/OsQduk5cOWLz2 u54i6DxsNPNt8Lwy/PQHuQl8LBFhTtT0GagKJAxEbcShPWhPMIKH2ienV8dYAhPfAgqdcVOqzs5zw 2nCS9WL7x7IgrI91Sms5VzWIUZiWYaSsccBIzHuduKIuKt0eADTJRSgTjyiTqdC5xGgQ=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=rmtMhhMcIF3S/gPZ2to31IByQsVXFhdp0wTtqUms3Io=; b=efTpeddp93L7p6ghvdgk86TFda 3IOsFB8F6rEOBxDqZ96PYn5DN/9UK89hfbJiLFQhqtQsvSQcEntUosGjRMzMfYlE0DCNoX1SE0MpZ 8AtNMgezgGQCaf+bo2QYSVm/dbHc1+aX6xIXCRlxeChu9zF/IxAuHRbpLSriku6Ho5SE=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1v6QTr-0000hr-Cd for openvpn-devel@lists.sourceforge.net; Wed, 08 Oct 2025 09:29:08 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 5989T09I000889 for ; Wed, 8 Oct 2025 11:29:00 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 5989T0ja000888 for openvpn-devel@lists.sourceforge.net; Wed, 8 Oct 2025 11:29:00 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Wed, 8 Oct 2025 11:28:54 +0200 Message-ID: <20251008092859.875-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Frank Lichtenheld In all of these cases the cast is safe to do since we have limits imposed in other ways. And we want those values as int, so no alternative to casting. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1v6QTr-0000hr-Cd Subject: [Openvpn-devel] [PATCH v4] crypto: Make some casts to int explicit X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1845405419964081169?= X-GMAIL-MSGID: =?utf-8?q?1845405419964081169?= From: Frank Lichtenheld In all of these cases the cast is safe to do since we have limits imposed in other ways. And we want those values as int, so no alternative to casting. Change-Id: I3b8dd8d5671e31dba2a23a0a78f36d9dda034b88 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1217 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1217 This mail reflects revision 4 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 6376c11..307d1ee 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -186,11 +186,6 @@ return; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static void openvpn_encrypt_v1(struct buffer *buf, struct buffer work, struct crypto_options *opt) { @@ -302,7 +297,7 @@ if (ctx->hmac) { hmac_ctx_reset(ctx->hmac); - hmac_ctx_update(ctx->hmac, hmac_start, BEND(&work) - hmac_start); + hmac_ctx_update(ctx->hmac, hmac_start, (int)(BEND(&work) - hmac_start)); hmac_ctx_final(ctx->hmac, mac_out); dmsg(D_PACKET_CONTENT, "ENCRYPT HMAC: %s", format_hex(mac_out, hmac_ctx_size(ctx->hmac), 80, &gc)); @@ -533,7 +528,7 @@ } } - const int ad_size = BPTR(buf) - ad_start; + const int ad_size = (int)(BPTR(buf) - ad_start); uint8_t *tag_ptr = NULL; int data_len = 0; @@ -1366,8 +1361,8 @@ int state = PARSE_INITIAL; /* constants */ - const int hlen = strlen(static_key_head); - const int flen = strlen(static_key_foot); + const int hlen = (int)strlen(static_key_head); + const int flen = (int)strlen(static_key_foot); const int onekeylen = sizeof(key2->keys[0]); CLEAR(*key2); @@ -1378,7 +1373,9 @@ */ if (flags & RKF_INLINE) /* 'file' is a string containing ascii representation of key */ { - size = strlen(file) + 1; + size_t buf_size = strlen(file) + 1; + ASSERT(buf_size <= INT_MAX); + size = (int)buf_size; buf_set_read(&in, (const uint8_t *)file, size); } else /* 'file' is a filename which refers to a file containing the ascii key */ @@ -1537,10 +1534,6 @@ gc_free(&gc); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - int write_key_file(const int nkeys, const char *filename) {