From 065a471d16636c3fba5da8aed86ffa30dcfd489b Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Wed, 20 Mar 2019 13:22:51 -0500 Subject: [PATCH 1/2] CSecurityTLS: Use size_t as argument for new MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Using an 'int' is invalid, and produces the following output under GCC 8.3.0: tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx: In member function ‘void rfb::CSecurityTLS::checkSession()’: tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx:384:11: error: specified bound range [18446744071562067968, 18446744073709551615] exceeds ‘INT_MAX’ [-Werror=format-truncation=] snprintf(certinfo, len, "This certificate has been signed by an unknown " ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "authority:\n\n%s\n\nDo you want to save it and " ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "continue? ", info.data); ~~~~~~~~~~~~~~~~~~~~~~~~ tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx:380:26: error: argument 1 range [18446744071562067968, 18446744073709551615] exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=] certinfo = new char[len]; ^ In file included from /usr/include/c++/8.3.0/ext/new_allocator.h:33, from /usr/include/c++/8.3.0/powerpc64-foxkit-linux-musl/bits/c++allocator.h:33, from /usr/include/c++/8.3.0/bits/allocator.h:46, from /usr/include/c++/8.3.0/bits/stl_tree.h:64, from /usr/include/c++/8.3.0/set:60, from tigervnc-1.9.0/common/rfb/ConnParams.h:26, from tigervnc-1.9.0/common/rfb/SMsgHandler.h:28, from tigervnc-1.9.0/common/rfb/SConnection.h:29, from tigervnc-1.9.0/common/rfb/SSecurity.h:47, from tigervnc-1.9.0/common/rfb/SSecurityStack.h:23, from tigervnc-1.9.0/common/rfb/SSecurityVeNCrypt.h:32, from tigervnc-1.9.0/common/rfb/CSecurityTLS.h:34, from tigervnc-1.9.0/common/rfb/CSecurityTLS.cxx:36: /usr/include/c++/8.3.0/new:122:7: note: in a call to allocation function ‘void* operator new [](std::size_t)’ declared here void* operator new[](std::size_t) _GLIBCXX_THROW (std::bad_alloc) ^~~~~~~~ --- common/rfb/CSecurityTLS.cxx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx index c6d1e310..235df45d 100644 --- a/common/rfb/CSecurityTLS.cxx +++ b/common/rfb/CSecurityTLS.cxx @@ -383,7 +383,7 @@ void CSecurityTLS::checkSession() size_t out_size = 0; char *out_buf = NULL; char *certinfo = NULL; - int len = 0; + size_t len = 0; vlog.debug("certificate issuer unknown"); @@ -403,7 +403,7 @@ void CSecurityTLS::checkSession() "authority:\n\n%s\n\nDo you want to save it and " "continue? ", info.data); - for (int i = 0; i < len - 1; i++) + for (size_t i = 0; i < len - 1; i++) if (certinfo[i] == ',' && certinfo[i + 1] == ' ') certinfo[i] = '\n'; -- 2.19.2