From: Christopher Dykes <cdykes@fb.com>
Date: Wed, 7 Dec 2016 22:16:59 +0000 (-0800)
Subject: Fix some implicit truncations in the interaction with OpenSSL APIs
X-Git-Tag: v2016.12.12.00~9
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=68112fa0fbddb74381af74fc40c563b5c054cb35;p=folly.git

Fix some implicit truncations in the interaction with OpenSSL APIs

Summary: MSVC has the ability to warn about implicit truncations and places where implicit sign coercions are occuring, so do some cleanup to make it possible to compile with the warnings enabled.

Reviewed By: yfeldblum

Differential Revision: D4288028

fbshipit-source-id: f8330c62b2dcb76f696dfc47888f0e3e1eefc21a
---

diff --git a/folly/io/async/SSLContext.cpp b/folly/io/async/SSLContext.cpp
index a8cf72de..cd7ad6e4 100644
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -278,7 +278,7 @@ void SSLContext::loadCertificateFromBufferPEM(folly::StringPiece cert) {
     throw std::runtime_error("BIO_new: " + getErrors());
   }
 
-  int written = BIO_write(bio.get(), cert.data(), cert.size());
+  int written = BIO_write(bio.get(), cert.data(), int(cert.size()));
   if (written <= 0 || static_cast<unsigned>(written) != cert.size()) {
     throw std::runtime_error("BIO_write: " + getErrors());
   }
@@ -318,7 +318,7 @@ void SSLContext::loadPrivateKeyFromBufferPEM(folly::StringPiece pkey) {
     throw std::runtime_error("BIO_new: " + getErrors());
   }
 
-  int written = BIO_write(bio.get(), pkey.data(), pkey.size());
+  int written = BIO_write(bio.get(), pkey.data(), int(pkey.size()));
   if (written <= 0 || static_cast<unsigned>(written) != pkey.size()) {
     throw std::runtime_error("BIO_write: " + getErrors());
   }
@@ -517,12 +517,12 @@ bool SSLContext::setRandomizedAdvertisedNextProtocols(
     advertised_item.length = 0;
     for (const auto& proto : item.protocols) {
       ++advertised_item.length;
-      unsigned protoLength = proto.length();
+      auto protoLength = proto.length();
       if (protoLength >= 256) {
         deleteNextProtocolsStrings();
         return false;
       }
-      advertised_item.length += protoLength;
+      advertised_item.length += unsigned(protoLength);
     }
     advertised_item.protocols = new unsigned char[advertised_item.length];
     if (!advertised_item.protocols) {
@@ -530,7 +530,7 @@ bool SSLContext::setRandomizedAdvertisedNextProtocols(
     }
     unsigned char* dst = advertised_item.protocols;
     for (auto& proto : item.protocols) {
-      unsigned protoLength = proto.length();
+      uint8_t protoLength = uint8_t(proto.length());
       *dst++ = (unsigned char)protoLength;
       memcpy(dst, proto.data(), protoLength);
       dst += protoLength;
@@ -715,7 +715,7 @@ int SSLContext::passwordCallback(char* password,
   std::string userPassword;
   // call user defined password collector to get password
   context->passwordCollector()->getPassword(userPassword, size);
-  int length = userPassword.size();
+  auto length = int(userPassword.size());
   if (length > size) {
     length = size;
   }
diff --git a/folly/io/async/ssl/OpenSSLUtils.cpp b/folly/io/async/ssl/OpenSSLUtils.cpp
index 7d38cc3a..b2e9d8cb 100644
--- a/folly/io/async/ssl/OpenSSLUtils.cpp
+++ b/folly/io/async/ssl/OpenSSLUtils.cpp
@@ -169,7 +169,7 @@ static std::unordered_map<uint16_t, std::string> getOpenSSLCipherNames() {
   };
 
   STACK_OF(SSL_CIPHER)* sk = SSL_get_ciphers(ssl);
-  for (size_t i = 0; i < (size_t)sk_SSL_CIPHER_num(sk); i++) {
+  for (int i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
     const SSL_CIPHER* c = sk_SSL_CIPHER_value(sk, i);
     unsigned long id = SSL_CIPHER_get_id(c);
     // OpenSSL 1.0.2 and prior does weird things such as stuff the SSL/TLS
diff --git a/folly/ssl/OpenSSLHash.h b/folly/ssl/OpenSSLHash.h
index e3ea65bc..3a568806 100644
--- a/folly/ssl/OpenSSLHash.h
+++ b/folly/ssl/OpenSSLHash.h
@@ -106,7 +106,7 @@ class OpenSSLHash {
     void hash_init(const EVP_MD* md, ByteRange key) {
       md_ = md;
       check_libssl_result(
-          1, HMAC_Init_ex(&ctx_, key.data(), key.size(), md_, nullptr));
+          1, HMAC_Init_ex(&ctx_, key.data(), int(key.size()), md_, nullptr));
     }
     void hash_update(ByteRange data) {
       check_libssl_result(1, HMAC_Update(&ctx_, data.data(), data.size()));
@@ -121,7 +121,7 @@ class OpenSSLHash {
       check_out_size(size, out);
       unsigned int len = 0;
       check_libssl_result(1, HMAC_Final(&ctx_, out.data(), &len));
-      check_libssl_result(size, len);
+      check_libssl_result(size, int(len));
       md_ = nullptr;
     }
    private:
diff --git a/folly/ssl/detail/SSLSessionImpl.cpp b/folly/ssl/detail/SSLSessionImpl.cpp
index d93fcaf9..4154c3b1 100644
--- a/folly/ssl/detail/SSLSessionImpl.cpp
+++ b/folly/ssl/detail/SSLSessionImpl.cpp
@@ -40,8 +40,8 @@ SSLSessionImpl::SSLSessionImpl(SSL_SESSION* session, bool takeOwnership)
 SSLSessionImpl::SSLSessionImpl(const std::string& serializedSession) {
   auto sessionData =
       reinterpret_cast<const unsigned char*>(serializedSession.data());
-  if ((session_ = d2i_SSL_SESSION(
-           nullptr, &sessionData, serializedSession.length())) == nullptr) {
+  auto longLen = long(serializedSession.length());
+  if ((session_ = d2i_SSL_SESSION(nullptr, &sessionData, longLen)) == nullptr) {
     throw std::runtime_error("Cannot deserialize SSLSession string");
   }
 }