Skip to content

bpo-9566: Fixed _ssl module warnings #2495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jul 26, 2017
Merged

bpo-9566: Fixed _ssl module warnings #2495

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e2efb0a
bpo-9566: Fixed some _ssl warnings
segevfiner Jun 29, 2017
1793f48
bpo-9566: _ssl: Fixup the fixes and also fix the remainings warnings
segevfiner Jun 30, 2017
e8380af
Add a comment about the downcast
segevfiner Jul 26, 2017
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 12 additions & 6 deletions Modules/_ssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -285,7 +285,7 @@ typedef struct {
#endif
#ifdef HAVE_ALPN
unsigned char *alpn_protocols;
int alpn_protocols_len;
unsigned int alpn_protocols_len;
#endif
#ifndef OPENSSL_NO_TLSEXT
PyObject *set_hostname;
Expand Down Expand Up @@ -1555,7 +1555,7 @@ cipher_to_dict(const SSL_CIPHER *cipher)
cipher_protocol = SSL_CIPHER_get_version(cipher);
cipher_id = SSL_CIPHER_get_id(cipher);
SSL_CIPHER_description(cipher, buf, sizeof(buf) - 1);
len = strlen(buf);
len = (int)strlen(buf);
Copy link
Member

@vstinner vstinner Jun 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

buf is 512 bytes long and always ends with a null byte, so the downcast is safe.
Copy link
Member

@zooba zooba Jul 26, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, and by explicitly stating that we are intentionally downcasting, someone who is reading the code can recognize that without having to do the flow analysis themselves. (Also, the compiler will recognize it too, and stop showing a warning.)
if (len > 1 && buf[len-1] == '\n')
buf[len-1] = '\0';
strength_bits = SSL_CIPHER_get_bits(cipher, &alg_bits);
Expand Down Expand Up @@ -2939,12 +2939,18 @@ _ssl__SSLContext__set_alpn_protocols_impl(PySSLContext *self,
/*[clinic end generated code: output=87599a7f76651a9b input=9bba964595d519be]*/
{
#ifdef HAVE_ALPN
if (protos->len > UINT_MAX) {
PyErr_Format(PyExc_OverflowError,
"protocols longer than %d bytes", UINT_MAX);
return NULL;
}

PyMem_FREE(self->alpn_protocols);
self->alpn_protocols = PyMem_Malloc(protos->len);
if (!self->alpn_protocols)
return PyErr_NoMemory();
memcpy(self->alpn_protocols, protos->buf, protos->len);
self->alpn_protocols_len = protos->len;
self->alpn_protocols_len = (unsigned int)protos->len;

if (SSL_CTX_set_alpn_protos(self->ctx, self->alpn_protocols, self->alpn_protocols_len))
return PyErr_NoMemory();
Expand Down Expand Up @@ -4073,7 +4079,7 @@ memory_bio_dealloc(PySSLMemoryBIO *self)
static PyObject *
memory_bio_get_pending(PySSLMemoryBIO *self, void *c)
{
return PyLong_FromLong(BIO_ctrl_pending(self->bio));
return PyLong_FromSize_t(BIO_ctrl_pending(self->bio));
}

PyDoc_STRVAR(PySSL_memory_bio_pending_doc,
Expand Down Expand Up @@ -4109,7 +4115,7 @@ _ssl_MemoryBIO_read_impl(PySSLMemoryBIO *self, int len)
int avail, nbytes;
PyObject *result;

avail = BIO_ctrl_pending(self->bio);
avail = (int)Py_MIN(BIO_ctrl_pending(self->bio), INT_MAX);
if ((len < 0) || (len > avail))
len = avail;

Expand Down Expand Up @@ -4155,7 +4161,7 @@ _ssl_MemoryBIO_write_impl(PySSLMemoryBIO *self, Py_buffer *b)
return NULL;
}

nbytes = BIO_write(self->bio, b->buf, b->len);
nbytes = BIO_write(self->bio, b->buf, (int)b->len);
if (nbytes < 0) {
_setSSLError(NULL, 0, __FILE__, __LINE__);
return NULL;
Expand Down