Clear some size_t truncations

Also fix the comments for ERR_STATE because they were actually wrong.

Bug: 516
Change-Id: I3b352fc75e63075a9f02f33c6e23da0f821a323e
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61425
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/crypto/err/err.c b/crypto/err/err.c
index eff2dc9..a8a53af 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -146,13 +146,13 @@
 
 // ERR_STATE contains the per-thread, error queue.
 typedef struct err_state_st {
-  // errors contains the ERR_NUM_ERRORS most recent errors, organised as a ring
-  // buffer.
+  // errors contains up to ERR_NUM_ERRORS - 1 most recent errors, organised as a
+  // ring buffer.
   struct err_error_st errors[ERR_NUM_ERRORS];
-  // top contains the index one past the most recent error. If |top| equals
-  // |bottom| then the queue is empty.
+  // top contains the index of the most recent error. If |top| equals |bottom|
+  // then the queue is empty.
   unsigned top;
-  // bottom contains the index of the last error in the queue.
+  // bottom contains the index before the least recent error in the queue.
   unsigned bottom;
 
   // to_free, if not NULL, contains a pointer owned by this structure that was
@@ -866,6 +866,10 @@
     return;
   }
 
+  if (state->num_errors >= ERR_NUM_ERRORS) {
+    abort();
+  }
+
   ERR_STATE *const dst = err_get_state();
   if (dst == NULL) {
     return;
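Review bot: The new `if (state->num_errors >= ERR_NUM_ERRORS) { abort(); }` guard carries no comment naming the invariant it protects, and without one the `>=` reads like an off-by-one against an array of ERR_NUM_ERRORS entries. Two things depend on it in the following hunk: the copy loop writes `dst->errors[i]` for every `i < state->num_errors`, and a count of exactly ERR_NUM_ERRORS would set `top` equal to `bottom`, which the struct comment defines as an empty queue. I would add above the check: `// At most ERR_NUM_ERRORS - 1 errors fit: more would overrun |dst->errors| below, and exactly ERR_NUM_ERRORS would leave |top| == |bottom|, i.e. an empty queue.` It is also worth saying that a corrupted saved state deliberately terminates the process rather than being truncated. The enclosing function starts and ends outside this hunk.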
@@ -874,6 +878,6 @@
   for (size_t i = 0; i < state->num_errors; i++) {
     err_copy(&dst->errors[i], &state->errors[i]);
   }
-  dst->top = state->num_errors - 1;
+  dst->top = (unsigned)(state->num_errors - 1);
   dst->bottom = ERR_NUM_ERRORS - 1;
 }
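Review bot: The explicit cast in `dst->top = (unsigned)(state->num_errors - 1);` is only lossless when `num_errors` is between 1 and ERR_NUM_ERRORS - 1, and nothing at this line records that. The upper bound comes from the abort() check added earlier in this commit. The lower bound presumably comes from the early return above that check, whose condition is outside the visible hunks; if a zero count ever reached this line, the subtraction would wrap and the cast would silently produce an out-of-range `top`. Since the cast also suppresses the compiler's truncation warning for any future change, I would add a one-line comment: `// num_errors is in [1, ERR_NUM_ERRORS - 1] here, so this neither wraps nor truncates.`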