From: Matt Caswell Date: Thu, 4 Jun 2015 09:35:08 +0000 (+0100) Subject: Change BIO_number_read and BIO_number_written() to be 64 bit X-Git-Tag: OpenSSL_1_1_0-pre1~1010 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=b8b12aadd8edfd3bd327157c8899b1cf3403177f Change BIO_number_read and BIO_number_written() to be 64 bit The return type of BIO_number_read() and BIO_number_written() as well as the corresponding num_read and num_write members in the BIO structure has been changed from unsigned long to uint64_t. On platforms where an unsigned long is 32 bits (e.g. Windows) these counters could overflow if >4Gb is transferred. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Richard Levitte --- diff --git a/CHANGES b/CHANGES index 3b0d0b54a0..e1b33929d5 100644 --- a/CHANGES +++ b/CHANGES @@ -3,6 +3,13 @@ _______________ Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] + *) The return type of BIO_number_read() and BIO_number_written() as well as + the corresponding num_read and num_write members in the BIO structure has + changed from unsigned long to uint64_t. On platforms where an unsigned + long is 32 bits (e.g. Windows) these counters could overflow if >4Gb is + transferred. + [Matt Caswell] + *) Given the pervasive nature of TLS extensions it is inadvisable to run OpenSSL without support for them. It also means that maintaining the OPENSSL_NO_TLSEXT option within the code is very invasive (and probably diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c index cc859da740..6ab471cbcb 100644 --- a/crypto/bio/bio_lib.c +++ b/crypto/bio/bio_lib.c @@ -209,7 +209,7 @@ int BIO_read(BIO *b, void *out, int outl) i = b->method->bread(b, out, outl); if (i > 0) - b->num_read += (unsigned long)i; + b->num_read += (uint64_t)i; if (cb != NULL) i = (int)cb(b, BIO_CB_READ | BIO_CB_RETURN, out, outl, 0L, (long)i); @@ -242,7 +242,7 @@ int BIO_write(BIO *b, const void *in, int inl) i = b->method->bwrite(b, in, inl); if (i > 0) - b->num_write += (unsigned long)i; + b->num_write += (uint64_t)i; if (cb != NULL) i = (int)cb(b, BIO_CB_WRITE | BIO_CB_RETURN, in, inl, 0L, (long)i); @@ -272,7 +272,7 @@ int BIO_puts(BIO *b, const char *in) i = b->method->bputs(b, in); if (i > 0) - b->num_write += (unsigned long)i; + b->num_write += (uint64_t)i; if (cb != NULL) i = (int)cb(b, BIO_CB_PUTS | BIO_CB_RETURN, in, 0, 0L, (long)i); @@ -578,14 +578,14 @@ void *BIO_get_ex_data(BIO *bio, int idx) return (CRYPTO_get_ex_data(&(bio->ex_data), idx)); } -unsigned long BIO_number_read(BIO *bio) +uint64_t BIO_number_read(BIO *bio) { if (bio) return bio->num_read; return 0; } -unsigned long BIO_number_written(BIO *bio) +uint64_t BIO_number_written(BIO *bio) { if (bio) return bio->num_write; diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c index b9512909d1..5b657803d0 100644 --- a/demos/easy_tls/easy-tls.c +++ b/demos/easy_tls/easy-tls.c @@ -1020,7 +1020,7 @@ tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p) int clear_read_select = 0, clear_write_select = 0, tls_read_select = 0, tls_write_select = 0, progress = 0; int r; - unsigned long num_read = BIO_number_read(rbio), + uint64_t num_read = BIO_number_read(rbio), num_written = BIO_number_written(wbio); DEBUG_MSG2("loop iteration", ++tls_loop_count); diff --git a/include/openssl/bio.h b/include/openssl/bio.h index ab37c87810..e224dd9458 100644 --- a/include/openssl/bio.h +++ b/include/openssl/bio.h @@ -321,8 +321,8 @@ struct bio_st { struct bio_st *next_bio; /* used by filter BIOs */ struct bio_st *prev_bio; /* used by filter BIOs */ int references; - unsigned long num_read; - unsigned long num_write; + uint64_t num_read; + uint64_t num_write; CRYPTO_EX_DATA ex_data; }; @@ -618,8 +618,8 @@ int BIO_set_ex_data(BIO *bio, int idx, void *data); void *BIO_get_ex_data(BIO *bio, int idx); int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -unsigned long BIO_number_read(BIO *bio); -unsigned long BIO_number_written(BIO *bio); +uint64_t BIO_number_read(BIO *bio); +uint64_t BIO_number_written(BIO *bio); /* For BIO_f_asn1() */ int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,