1From d49c92c8420db6ee4c88515bdb014f68f4d471d9 Mon Sep 17 00:00:00 2001 2From: Daiki Ueno <ueno@gnu.org> 3Date: Sat, 2 Dec 2023 09:24:01 +0900 4Subject: [PATCH] import-object: Avoid integer truncation on 32-bit platforms 5MIME-Version: 1.0 6Content-Type: text/plain; charset=UTF-8 7Content-Transfer-Encoding: 8bit 8 9The build fails when compiling for 32-bit platforms with 10-Werror=incompatible-pointer-types: 11 12 CFLAGS="-m32 -march=i686 -Werror=incompatible-pointer-types -Werror=implicit -Werror=int-conversion" setarch i686 -- meson setup _build 13 setarch i686 -- meson compile -C _build -v 14 ... 15 16 ../p11-kit/import-object.c: In function ‘add_attrs_pubkey_rsa’: 17 ../p11-kit/import-object.c:223:62: error: passing argument 3 of ‘p11_asn1_read’ from incompatible pointer type [-Werror=incompatible-pointer-types] 18 223 | attr_modulus.pValue = p11_asn1_read (asn, "modulus", &attr_modulus.ulValueLen); 19 | ^~~~~~~~~~~~~~~~~~~~~~~~ 20 | | 21 | long unsigned int * 22 23Reported by Sam James in: 24https://github.com/p11-glue/p11-kit/issues/608 25 26Signed-off-by: Daiki Ueno <ueno@gnu.org> 27 28Upstream: https://github.com/p11-glue/p11-kit/commit/d49c92c8420db6ee4c88515bdb014f68f4d471d9 29Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> 30--- 31 p11-kit/import-object.c | 30 +++++++++++++++++++++++++++--- 32 1 file changed, 27 insertions(+), 3 deletions(-) 33 34diff --git a/p11-kit/import-object.c b/p11-kit/import-object.c 35index feee0765..fb47b964 100644 36--- a/p11-kit/import-object.c 37+++ b/p11-kit/import-object.c 38@@ -55,6 +55,7 @@ 39 #endif 40 41 #include <assert.h> 42+#include <limits.h> 43 #include <stdbool.h> 44 #include <stdlib.h> 45 #include <string.h> 46@@ -201,6 +202,7 @@ add_attrs_pubkey_rsa (CK_ATTRIBUTE *attrs, 47 CK_ATTRIBUTE attr_encrypt = { CKA_ENCRYPT, &tval, sizeof (tval) }; 48 CK_ATTRIBUTE attr_modulus = { CKA_MODULUS, }; 49 CK_ATTRIBUTE attr_exponent = { CKA_PUBLIC_EXPONENT, }; 50+ size_t len = 0; 51 52 pubkey = p11_asn1_read (info, "subjectPublicKey", &pubkey_len); 53 if (pubkey == NULL) { 54@@ -220,17 +222,31 @@ add_attrs_pubkey_rsa (CK_ATTRIBUTE *attrs, 55 goto cleanup; 56 } 57 58- attr_modulus.pValue = p11_asn1_read (asn, "modulus", &attr_modulus.ulValueLen); 59+ attr_modulus.pValue = p11_asn1_read (asn, "modulus", &len); 60 if (attr_modulus.pValue == NULL) { 61 p11_message (_("failed to obtain modulus")); 62 goto cleanup; 63 } 64+#if ULONG_MAX < SIZE_MAX 65+ if (len > ULONG_MAX) { 66+ p11_message (_("failed to obtain modulus")); 67+ goto cleanup; 68+ } 69+#endif 70+ attr_modulus.ulValueLen = len; 71 72- attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", &attr_exponent.ulValueLen); 73+ attr_exponent.pValue = p11_asn1_read (asn, "publicExponent", &len); 74 if (attr_exponent.pValue == NULL) { 75 p11_message (_("failed to obtain exponent")); 76 goto cleanup; 77 } 78+#if ULONG_MAX < SIZE_MAX 79+ if (len > ULONG_MAX) { 80+ p11_message (_("failed to obtain exponent")); 81+ goto cleanup; 82+ } 83+#endif 84+ attr_exponent.ulValueLen = len; 85 86 result = p11_attrs_build (attrs, &attr_key_type, &attr_encrypt, &attr_modulus, &attr_exponent, NULL); 87 if (result == NULL) { 88@@ -260,12 +276,20 @@ add_attrs_pubkey_ec (CK_ATTRIBUTE *attrs, 89 CK_ATTRIBUTE attr_key_type = { CKA_KEY_TYPE, &key_type, sizeof (key_type) }; 90 CK_ATTRIBUTE attr_ec_params = { CKA_EC_PARAMS, }; 91 CK_ATTRIBUTE attr_ec_point = { CKA_EC_POINT, }; 92+ size_t len = 0; 93 94- attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters", &attr_ec_params.ulValueLen); 95+ attr_ec_params.pValue = p11_asn1_read (info, "algorithm.parameters", &len); 96 if (attr_ec_params.pValue == NULL) { 97 p11_message (_("failed to obtain EC parameters")); 98 goto cleanup; 99 } 100+#if ULONG_MAX < SIZE_MAX 101+ if (len > ULONG_MAX) { 102+ p11_message (_("failed to obtain EC parameters")); 103+ goto cleanup; 104+ } 105+#endif 106+ attr_ec_params.ulValueLen = len; 107 108 /* subjectPublicKey is read as BIT STRING value which contains 109 * EC point data. We need to DER encode this data as OCTET STRING. 110