diff --git a/src/common/crypto.c b/src/common/crypto.c
index 35f2beaf88..8a1c3e9bc5 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -715,7 +715,7 @@ crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
*/
int
crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
- int datalen, const char *sig, int siglen)
+ size_t datalen, const char *sig, size_t siglen)
{
char digest[DIGEST_LEN];
char *buf;
@@ -935,12 +935,12 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
* Return -1 on error, or the number of characters used on success.
*/
int
-crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len)
+crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, size_t dest_len)
{
int len;
unsigned char *buf, *cp;
len = i2d_RSAPublicKey(pk->key, NULL);
- if (len < 0 || len > dest_len)
+ if (len < 0 || (size_t)len > dest_len)
return -1;
cp = buf = tor_malloc(len+1);
len = i2d_RSAPublicKey(pk->key, &cp);
diff --git a/src/common/crypto.h b/src/common/crypto.h
index f25bc89947..e51c0777a9 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -97,7 +97,7 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
const char *from, size_t fromlen);
int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
- int datalen, const char *sig, int siglen);
+ size_t datalen, const char *sig, size_t siglen);
int crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
const char *from, size_t fromlen);
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
@@ -109,7 +109,7 @@ int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, char *to,
const char *from, size_t fromlen,
int padding, int warnOnFailure);
-int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len);
+int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, size_t dest_len);
crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, size_t len);
int crypto_pk_get_digest(crypto_pk_env_t *pk, char *digest_out);
int crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out,int add_space);
diff --git a/src/or/connection.c b/src/or/connection.c
index 8243e61110..554d9a29ab 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -2561,10 +2561,10 @@ alloc_http_authenticator(const char *authenticator)
{
/* an authenticator in Basic authentication
* is just the string "username:password" */
- const int authenticator_length = strlen(authenticator);
+ const size_t authenticator_length = strlen(authenticator);
/* The base64_encode function needs a minimum buffer length
* of 66 bytes. */
- const int base64_authenticator_length = (authenticator_length/48+1)*66;
+ const size_t base64_authenticator_length = (authenticator_length/48+1)*66;
char *base64_authenticator = tor_malloc(base64_authenticator_length);
if (base64_encode(base64_authenticator, base64_authenticator_length,
authenticator, authenticator_length) < 0) {
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 52c02d89eb..2cb8e5e807 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -364,7 +364,7 @@ connection_ap_expire_beginning(void)
/* if it's an internal linked connection, don't yell its status. */
severity = (!conn->_base.addr && !conn->_base.port)
? LOG_INFO : LOG_NOTICE;
- seconds_idle = now - conn->_base.timestamp_lastread;
+ seconds_idle = (int)( now - conn->_base.timestamp_lastread );
if (AP_CONN_STATE_IS_UNATTACHED(conn->_base.state)) {
if (seconds_idle >= options->SocksTimeout) {
@@ -1004,7 +1004,7 @@ parse_virtual_addr_network(const char *val, int validate_only,
if (validate_only)
return 0;
- virtual_addr_network = addr & (0xfffffffful << (32-bits));
+ virtual_addr_network = (uint32_t)( addr & (0xfffffffful << (32-bits)) );
virtual_addr_netmask_bits = bits;
if (addr_mask_cmp_bits(next_virtual_addr, addr, bits))
@@ -1938,7 +1938,7 @@ connection_ap_handshake_send_begin(edge_connection_t *ap_conn)
(circ->_base.purpose == CIRCUIT_PURPOSE_C_GENERAL) ?
ap_conn->socks_request->address : "",
ap_conn->socks_request->port);
- payload_len = strlen(payload)+1;
+ payload_len = (int)strlen(payload)+1;
log_debug(LD_APP,
"Sending relay cell to begin stream %d.", ap_conn->stream_id);
@@ -1995,7 +1995,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
if (command == SOCKS_COMMAND_RESOLVE) {
string_addr = ap_conn->socks_request->address;
- payload_len = strlen(string_addr)+1;
+ payload_len = (int)strlen(string_addr)+1;
tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
} else {
struct in_addr in;
@@ -2029,7 +2029,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
(int)(uint8_t)((a>>24)&0xff));
}
string_addr = inaddr_buf;
- payload_len = strlen(inaddr_buf)+1;
+ payload_len = (int)strlen(inaddr_buf)+1;
tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
}
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index cb881fc571..5d9800d093 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -288,7 +288,7 @@ connection_or_flushed_some(or_connection_t *conn)
/* If we're under the low water mark, add cells until we're just over the
* high water mark. */
if (datalen < OR_CONN_LOWWATER) {
- int n = (OR_CONN_HIGHWATER - datalen + CELL_NETWORK_SIZE-1)
+ ssize_t n = (OR_CONN_HIGHWATER - datalen + CELL_NETWORK_SIZE-1)
/ CELL_NETWORK_SIZE;
while (conn->active_circuits && n > 0) {
int flushed = connection_or_flush_from_first_active_circuit(conn, 1);
@@ -1023,7 +1023,7 @@ connection_or_send_destroy(uint16_t circ_id, or_connection_t *conn, int reason)
static const uint16_t or_protocol_versions[] = { 1, 2 };
/** Number of versions in or_protocol_versions. */
static const int n_or_protocol_versions =
- sizeof(or_protocol_versions)/sizeof(uint16_t);
+ (int)( sizeof(or_protocol_versions)/sizeof(uint16_t) );
/** Return true iff v is a link protocol version that this Tor
* implementation believes it can support. */
@@ -1074,7 +1074,7 @@ connection_or_send_netinfo(or_connection_t *conn)
cell.command = CELL_NETINFO;
/* Their address. */
- set_uint32(cell.payload, htonl(now));
+ set_uint32(cell.payload, htonl((uint32_t)now));
cell.payload[4] = RESOLVED_TYPE_IPV4;
cell.payload[5] = 4;
set_uint32(cell.payload+6, htonl(conn->_base.addr));
diff --git a/src/or/control.c b/src/or/control.c
index f79709fb2f..5b0d7c2ca2 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -398,7 +398,7 @@ get_escaped_string_length(const char *start, size_t in_len_max,
}
if (chars_out)
*chars_out = chars;
- return cp - start+1;
+ return (int)(cp - start+1);
}
/** As decode_escaped_string, but does not decode the string: copies the
@@ -631,9 +631,9 @@ send_control_event_extended(uint16_t event, event_format_t which,
static origin_circuit_t *
get_circ(const char *id)
{
- unsigned long n_id;
+ uint32_t n_id;
int ok;
- n_id = tor_parse_ulong(id, 10, 0, ULONG_MAX, &ok, NULL);
+ n_id = (uint32_t) tor_parse_ulong(id, 10, 0, UINT32_MAX, &ok, NULL);
if (!ok)
return NULL;
return circuit_get_by_global_id(n_id);
@@ -643,10 +643,10 @@ get_circ(const char *id)
static edge_connection_t *
get_stream(const char *id)
{
- unsigned long n_id;
+ uint32_t n_id;
int ok;
edge_connection_t *conn;
- n_id = tor_parse_ulong(id, 10, 0, ULONG_MAX, &ok, NULL);
+ n_id = (uint32_t) tor_parse_ulong(id, 10, 0, UINT32_MAX, &ok, NULL);
if (!ok)
return NULL;
conn = connection_get_by_global_id(n_id);
@@ -1008,7 +1008,7 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
cp = body;
while (TOR_ISXDIGIT(*cp))
++cp;
- i = cp - body;
+ i = (int)(cp - body);
tor_assert(i>0);
password_len = i/2;
password = tor_malloc(password_len + 1);
@@ -2197,8 +2197,8 @@ handle_control_attachstream(control_connection_t *conn, uint32_t len,
char *hopstring = smartlist_get(args, 2);
if (!strcasecmpstart(hopstring, "HOP=")) {
hopstring += strlen("HOP=");
- hop = tor_parse_ulong(hopstring, 10, 0, ULONG_MAX,
- &hop_line_ok, NULL);
+ hop = (int) tor_parse_ulong(hopstring, 10, 0, INT_MAX,
+ &hop_line_ok, NULL);
if (!hop_line_ok) { /* broken hop line */
connection_printf_to_buf(conn, "552 Bad value hop=%s\r\n", hopstring);
}
@@ -2660,6 +2660,7 @@ int
connection_control_process_inbuf(control_connection_t *conn)
{
size_t data_len;
+ uint32_t cmd_data_len;
int cmd_len;
char *args;
@@ -2721,7 +2722,7 @@ connection_control_process_inbuf(control_connection_t *conn)
tor_assert(data_len);
last_idx = conn->incoming_cmd_cur_len;
- conn->incoming_cmd_cur_len += data_len;
+ conn->incoming_cmd_cur_len += (int)data_len;
/* We have appended a line to incoming_cmd. Is the command done? */
if (last_idx == 0 && *conn->incoming_cmd != '+')
@@ -2772,64 +2773,71 @@ connection_control_process_inbuf(control_connection_t *conn)
return 0;
}
+ if (data_len >= UINT32_MAX) {
+ connection_write_str_to_buf("500 A 4GB command? Nice try.\r\n", conn);
+ connection_mark_for_close(TO_CONN(conn));
+ return 0;
+ }
+
+ cmd_data_len = (uint32_t)data_len;
if (!strcasecmp(conn->incoming_cmd, "SETCONF")) {
- if (handle_control_setconf(conn, data_len, args))
+ if (handle_control_setconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "RESETCONF")) {
- if (handle_control_resetconf(conn, data_len, args))
+ if (handle_control_resetconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "GETCONF")) {
- if (handle_control_getconf(conn, data_len, args))
+ if (handle_control_getconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SETEVENTS")) {
- if (handle_control_setevents(conn, data_len, args))
+ if (handle_control_setevents(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "AUTHENTICATE")) {
- if (handle_control_authenticate(conn, data_len, args))
+ if (handle_control_authenticate(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SAVECONF")) {
- if (handle_control_saveconf(conn, data_len, args))
+ if (handle_control_saveconf(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SIGNAL")) {
- if (handle_control_signal(conn, data_len, args))
+ if (handle_control_signal(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "MAPADDRESS")) {
- if (handle_control_mapaddress(conn, data_len, args))
+ if (handle_control_mapaddress(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "GETINFO")) {
- if (handle_control_getinfo(conn, data_len, args))
+ if (handle_control_getinfo(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "EXTENDCIRCUIT")) {
- if (handle_control_extendcircuit(conn, data_len, args))
+ if (handle_control_extendcircuit(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SETCIRCUITPURPOSE")) {
- if (handle_control_setcircuitpurpose(conn, data_len, args))
+ if (handle_control_setcircuitpurpose(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "SETROUTERPURPOSE")) {
connection_write_str_to_buf("511 SETROUTERPURPOSE is obsolete.\r\n", conn);
} else if (!strcasecmp(conn->incoming_cmd, "ATTACHSTREAM")) {
- if (handle_control_attachstream(conn, data_len, args))
+ if (handle_control_attachstream(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "+POSTDESCRIPTOR")) {
- if (handle_control_postdescriptor(conn, data_len, args))
+ if (handle_control_postdescriptor(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "REDIRECTSTREAM")) {
- if (handle_control_redirectstream(conn, data_len, args))
+ if (handle_control_redirectstream(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "CLOSESTREAM")) {
- if (handle_control_closestream(conn, data_len, args))
+ if (handle_control_closestream(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "CLOSECIRCUIT")) {
- if (handle_control_closecircuit(conn, data_len, args))
+ if (handle_control_closecircuit(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "USEFEATURE")) {
- if (handle_control_usefeature(conn, data_len, args))
+ if (handle_control_usefeature(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "RESOLVE")) {
- if (handle_control_resolve(conn, data_len, args))
+ if (handle_control_resolve(conn, cmd_data_len, args))
return -1;
} else if (!strcasecmp(conn->incoming_cmd, "PROTOCOLINFO")) {
- if (handle_control_protocolinfo(conn, data_len, args))
+ if (handle_control_protocolinfo(conn, cmd_data_len, args))
return -1;
} else {
connection_printf_to_buf(conn, "510 Unrecognized command \"%s\"\r\n",
@@ -3457,7 +3465,7 @@ control_event_or_authdir_new_descriptor(const char *action,
{
char firstline[1024];
char *buf;
- int totallen;
+ size_t totallen;
char *esc = NULL;
size_t esclen;
diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c
index 210dc86ff0..50446f190f 100644
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -250,7 +250,7 @@ cpuworker_main(void *data)
dup_onion_keys(&onion_key, &last_onion_key);
for (;;) {
- int r;
+ ssize_t r;
if ((r = recv(fd, &question_type, 1, 0)) != 1) {
// log_fn(LOG_ERR,"read type failed. Exiting.");
diff --git a/src/or/directory.c b/src/or/directory.c
index b0c920f0e4..6b2427b258 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1225,7 +1225,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
size_t body_len=0, orig_len=0;
int status_code;
time_t date_header=0;
- int delta;
+ long delta;
compress_method_t compression;
int plausible;
int skewed=0;
@@ -1281,7 +1281,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
* inaccurate if we spend a lot of time downloading.)
*/
delta = conn->_base.timestamp_lastwritten - date_header;
- if (abs(delta)>ALLOW_DIRECTORY_TIME_SKEW) {
+ if (labs(delta)>ALLOW_DIRECTORY_TIME_SKEW) {
char dbuf[64];
int trusted = router_digest_is_trusted_dir(conn->identity_digest);
format_time_interval(dbuf, sizeof(dbuf), delta);
@@ -1296,11 +1296,11 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
delta>0 ? "behind" : "ahead");
skewed = 1; /* don't check the recommended-versions line */
control_event_general_status(trusted ? LOG_WARN : LOG_NOTICE,
- "CLOCK_SKEW SKEW=%d SOURCE=DIRSERV:%s:%d",
+ "CLOCK_SKEW SKEW=%ld SOURCE=DIRSERV:%s:%d",
delta, conn->_base.address, conn->_base.port);
} else {
log_debug(LD_HTTP, "Time on received directory is within tolerance; "
- "we are %d seconds skewed. (That's okay.)", delta);
+ "we are %ld seconds skewed. (That's okay.)", delta);
}
}
(void) skewed; /* skewed isn't used yet. */
@@ -1977,7 +1977,7 @@ static void
write_http_response_header_impl(dir_connection_t *conn, ssize_t length,
const char *type, const char *encoding,
const char *extra_headers,
- int cache_lifetime)
+ long cache_lifetime)
{
char date[RFC1123_TIME_LEN+1];
char tmp[1024];
@@ -2041,7 +2041,7 @@ write_http_response_header_impl(dir_connection_t *conn, ssize_t length,
* based on whether the response will be compressed or not. */
static void
write_http_response_header(dir_connection_t *conn, ssize_t length,
- int compressed, int cache_lifetime)
+ int compressed, long cache_lifetime)
{
write_http_response_header_impl(conn, length,
compressed?"application/octet-stream":"text/plain",
@@ -2273,7 +2273,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
int is_v3 = !strcmpstart(url, "/tor/status-vote");
const char *request_type = NULL;
const char *key = url + strlen("/tor/status/");
- int lifetime = NETWORKSTATUS_CACHE_LIFETIME;
+ long lifetime = NETWORKSTATUS_CACHE_LIFETIME;
if (!is_v3) {
dirserv_get_networkstatus_v2_fingerprints(dir_fps, key);
if (!strcmpstart(key, "fp/"))
@@ -3004,7 +3004,7 @@ download_status_increment_failure(download_status_t *dls, int status_code,
const char *item, int server, time_t now)
{
const int *schedule;
- int schedule_len;
+ size_t schedule_len;
int increment;
tor_assert(dls);
if (status_code != 503 || server)
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index a3e7bcf5db..cb3def9714 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -31,9 +31,9 @@ const char dirserv_c_id[] =
extern time_t time_of_process_start; /* from main.c */
/** Do we need to regenerate the directory when someone asks for it? */
-static int the_directory_is_dirty = 1;
-static int runningrouters_is_dirty = 1;
-static int the_v2_networkstatus_is_dirty = 1;
+static time_t the_directory_is_dirty = 1;
+static time_t runningrouters_is_dirty = 1;
+static time_t the_v2_networkstatus_is_dirty = 1;
/** Most recently generated encoded signed v1 directory. (v1 auth dirservers
* only.) */
@@ -1628,7 +1628,7 @@ static uint64_t total_exit_bandwidth = 0;
/** Helper: estimate the uptime of a router given its stated uptime and the
* amount of time since it last stated its stated uptime. */
-static INLINE int
+static INLINE long
real_uptime(routerinfo_t *router, time_t now)
{
if (now < router->cache_info.published_on)
@@ -1652,7 +1652,7 @@ dirserv_thinks_router_is_unreliable(time_t now,
/* XXXX Once most authorities are on v3, we should change the rule from
* "use uptime if we don't have mtbf data" to "don't advertise Stable on
* v3 if we don't have enough mtbf data." */
- int uptime = real_uptime(router, now);
+ long uptime = real_uptime(router, now);
if ((unsigned)uptime < stable_uptime &&
(unsigned)uptime < UPTIME_TO_GUARANTEE_STABLE)
return 1;
@@ -1681,7 +1681,7 @@ dirserv_thinks_router_is_unreliable(time_t now,
static int
dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now)
{
- int uptime = real_uptime(router, now);
+ long uptime = real_uptime(router, now);
return (router->wants_to_be_hs_dir &&
uptime > get_options()->MinUptimeHidServDirectoryV2 &&
@@ -1739,7 +1739,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
const char *id = ri->cache_info.identity_digest;
uint32_t bw;
ri->is_exit = exit_policy_is_general_exit(ri->exit_policy);
- uptimes[n_active] = real_uptime(ri, now);
+ uptimes[n_active] = (uint32_t)real_uptime(ri, now);
mtbfs[n_active] = rep_hist_get_stability(id, now);
tks [n_active] = rep_hist_get_weighted_time_known(id, now);
bandwidths[n_active] = bw = router_get_advertised_bandwidth(ri);
@@ -2233,14 +2233,14 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_env_t *private_key,
char tbuf[ISO_TIME_LEN+1];
networkstatus_t *current_consensus =
networkstatus_get_live_consensus(now);
- time_t last_consensus_interval; /* only used to pick a valid_after */
+ long last_consensus_interval; /* only used to pick a valid_after */
if (current_consensus)
last_consensus_interval = current_consensus->fresh_until -
current_consensus->valid_after;
else
last_consensus_interval = DEFAULT_VOTING_INTERVAL_WHEN_NO_CONSENSUS;
v3_out->valid_after =
- dirvote_get_start_of_next_interval(now, last_consensus_interval);
+ dirvote_get_start_of_next_interval(now, (int)last_consensus_interval);
format_iso_time(tbuf, v3_out->valid_after);
log_notice(LD_DIR,"Choosing valid-after time in vote as %s: "
"consensus_set=%d, last_interval=%d",
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 50f8569292..fbbd82ee28 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -283,7 +283,7 @@ compare_vote_rs(const vote_routerstatus_t *a, const vote_routerstatus_t *b)
if ((r = memcmp(a->status.descriptor_digest, b->status.descriptor_digest,
DIGEST_LEN)))
return r;
- if ((r = (b->status.published_on - a->status.published_on)))
+ if ((r = (int)(b->status.published_on - a->status.published_on)))
return r;
if ((r = strcmp(b->status.nickname, a->status.nickname)))
return r;
@@ -1220,7 +1220,7 @@ dirvote_recalculate_timing(or_options_t *options, time_t now)
memset(&voting_schedule, 0, sizeof(voting_schedule));
if (consensus) {
- interval = consensus->fresh_until - consensus->valid_after;
+ interval = (int)( consensus->fresh_until - consensus->valid_after );
vote_delay = consensus->vote_seconds;
dist_delay = consensus->dist_seconds;
} else {
diff --git a/src/or/dns.c b/src/or/dns.c
index ac21fc5f33..a617130bdf 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -268,7 +268,12 @@ static int
_compare_cached_resolves_by_expiry(const void *_a, const void *_b)
{
const cached_resolve_t *a = _a, *b = _b;
- return a->expire - b->expire;
+ if (a->expire < b->expire)
+ return -1;
+ else if (a->expire == b->expire)
+ return 0;
+ else
+ return 1;
}
/** Priority queue of cached_resolve_t objects to let us know when they
@@ -423,7 +428,7 @@ send_resolved_cell(edge_connection_t *conn, uint8_t answer_type)
case RESOLVED_TYPE_ERROR:
{
const char *errmsg = "Error resolving hostname";
- int msglen = strlen(errmsg);
+ size_t msglen = strlen(errmsg);
buf[1] = msglen;
strlcpy(buf+2, errmsg, sizeof(buf)-2);
@@ -501,10 +506,10 @@ parse_inaddr_arpa_address(const char *address, struct in_addr *in)
if (in) {
uint32_t a;
/* reverse the bytes */
- a = ( ((inaddr.s_addr & 0x000000fful) << 24)
- |((inaddr.s_addr & 0x0000ff00ul) << 8)
- |((inaddr.s_addr & 0x00ff0000ul) >> 8)
- |((inaddr.s_addr & 0xff000000ul) >> 24));
+ a = (uint32_t) ( ((inaddr.s_addr & 0x000000fful) << 24)
+ |((inaddr.s_addr & 0x0000ff00ul) << 8)
+ |((inaddr.s_addr & 0x00ff0000ul) >> 8)
+ |((inaddr.s_addr & 0xff000000ul) >> 24));
inaddr.s_addr = a;
memcpy(in, &inaddr, sizeof(inaddr));
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index 933ab699ab..c88193e15a 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -39,7 +39,7 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
/* First, check whether the requesting address matches our SOCKSPolicy. */
if ((addrlen = evdns_server_request_get_requesting_addr(req,
- (struct sockaddr*)&addr, sizeof(addr))) < 0) {
+ (struct sockaddr*)&addr, (socklen_t)sizeof(addr))) < 0) {
log_warn(LD_APP, "Couldn't get requesting address.");
evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
return;
diff --git a/src/or/geoip.c b/src/or/geoip.c
index 49f1746b52..f81c18c85f 100644
--- a/src/or/geoip.c
+++ b/src/or/geoip.c
@@ -20,7 +20,7 @@ static void clear_geoip_db(void);
typedef struct geoip_entry_t {
uint32_t ip_low; /**< The lowest IP in the range, in host order */
uint32_t ip_high; /**< The highest IP in the range, in host order */
- int country; /**< An index into geoip_countries */
+ intptr_t country; /**< An index into geoip_countries */
} geoip_entry_t;
/** A list of lowercased two-letter country codes. */
@@ -38,7 +38,7 @@ static smartlist_t *geoip_entries = NULL;
static void
geoip_add_entry(uint32_t low, uint32_t high, const char *country)
{
- uintptr_t idx;
+ intptr_t idx;
geoip_entry_t *ent;
void *_idxplus1;
@@ -143,7 +143,7 @@ geoip_load_file(const char *filename)
log_info(LD_GENERAL, "Parsing GEOIP file.");
while (!feof(f)) {
char buf[512];
- if (fgets(buf, sizeof(buf), f) == NULL)
+ if (fgets(buf, (int)sizeof(buf), f) == NULL)
break;
/* FFFF track full country name. */
geoip_parse_entry(buf);
@@ -167,14 +167,14 @@ geoip_get_country_by_ip(uint32_t ipaddr)
if (!geoip_entries)
return -1;
ent = smartlist_bsearch(geoip_entries, &ipaddr, _geoip_compare_key_to_entry);
- return ent ? ent->country : -1;
+ return ent ? (int)ent->country : -1;
}
/** Return the number of countries recognized by the GeoIP database. */
int
geoip_get_n_countries(void)
{
- return smartlist_len(geoip_countries);
+ return (int) smartlist_len(geoip_countries);
}
/** Return the two-letter country code associated with the number num,
diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index aaf35b639f..dd3dff12c9 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -490,7 +490,7 @@ accounting_set_wakeup_time(void)
return;
}
- time_in_interval = interval_end_time - interval_start_time;
+ time_in_interval = (int)(interval_end_time - interval_start_time);
time_to_exhaust_bw =
(get_options()->AccountingMax/expected_bandwidth_usage)*60;
diff --git a/src/or/main.c b/src/or/main.c
index 7b8448ea1d..faeca20f0a 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1190,7 +1190,7 @@ second_elapsed_callback(int fd, short event, void *args)
/* the second has rolled over. check more stuff. */
bytes_written = stats_prev_global_write_bucket - global_write_bucket;
bytes_read = stats_prev_global_read_bucket - global_read_bucket;
- seconds_elapsed = current_second ? (now.tv_sec - current_second) : 0;
+ seconds_elapsed = current_second ? (int)(now.tv_sec - current_second) : 0;
stats_n_bytes_read += bytes_read;
stats_n_bytes_written += bytes_written;
if (accounting_is_enabled(options) && seconds_elapsed >= 0)
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index c6b8a0eb0f..b04800f2f5 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -1130,7 +1130,7 @@ update_consensus_networkstatus_fetch_time(time_t now)
tor_assert(c->fresh_until < start);
/* We must download the next one before c is invalid: */
tor_assert(start+dl_interval < c->valid_until);
- time_to_download_next_consensus = start + crypto_rand_int(dl_interval);
+ time_to_download_next_consensus = start + crypto_rand_int((int)dl_interval);
{
char tbuf1[ISO_TIME_LEN+1];
char tbuf2[ISO_TIME_LEN+1];
diff --git a/src/or/onion.c b/src/or/onion.c
index c798a8d20e..a51dc3e7ac 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -180,7 +180,7 @@ onion_skin_create(crypto_pk_env_t *dest_router_key,
goto err;
dhbytes = crypto_dh_get_bytes(dh);
- pkbytes = crypto_pk_keysize(dest_router_key);
+ pkbytes = (int) crypto_pk_keysize(dest_router_key);
tor_assert(dhbytes == 128);
tor_assert(pkbytes == 128);
@@ -235,7 +235,7 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
{
char challenge[ONIONSKIN_CHALLENGE_LEN];
crypto_dh_env_t *dh = NULL;
- int len;
+ ssize_t len;
char *key_material=NULL;
size_t key_material_len=0;
int i;
@@ -258,8 +258,8 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
"Couldn't decrypt onionskin: client may be using old onion key");
goto err;
} else if (len != DH_KEY_LEN) {
- log_warn(LD_PROTOCOL, "Unexpected onionskin length after decryption: %d",
- len);
+ log_warn(LD_PROTOCOL, "Unexpected onionskin length after decryption: %ld",
+ (long)len);
goto err;
}
@@ -332,7 +332,7 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
char *key_out,
size_t key_out_len)
{
- int len;
+ ssize_t len;
char *key_material=NULL;
size_t key_material_len;
tor_assert(crypto_dh_get_bytes(handshake_state) == DH_KEY_LEN);
diff --git a/src/or/router.c b/src/or/router.c
index 88179fdcd9..ec7a45fd1b 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -333,7 +333,7 @@ v3_authority_check_key_expiry(void)
now = time(NULL);
expires = authority_key_certificate->expires;
- time_left = expires - now;
+ time_left = (int)( expires - now );
if (time_left <= 0) {
badness = LOG_ERR;
warn_interval = 60*60;
@@ -1742,7 +1742,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
}
#endif
- return written+1;
+ return (int)written+1;
}
/** Write the contents of extrainfo to the maxlen-byte string
@@ -1814,7 +1814,7 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
}
#endif
- return strlen(s)+1;
+ return (int)strlen(s)+1;
}
/** Return true iff s is a legally valid server nickname. */
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 3a2d0e8158..331565d24c 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -547,7 +547,7 @@ static int
_compare_signed_descriptors_by_age(const void **_a, const void **_b)
{
const signed_descriptor_t *r1 = *_a, *r2 = *_b;
- return r1->published_on - r2->published_on;
+ return (int)(r1->published_on - r2->published_on);
}
/** If the journal is too long, or if force is true, then atomically
@@ -2875,7 +2875,7 @@ _compare_old_routers_by_identity(const void **_a, const void **_b)
const signed_descriptor_t *r1 = *_a, *r2 = *_b;
if ((i = memcmp(r1->identity_digest, r2->identity_digest, DIGEST_LEN)))
return i;
- return r1->published_on - r2->published_on;
+ return (int)(r1->published_on - r2->published_on);
}
/** Internal type used to represent how long an old descriptor was valid,
@@ -2949,7 +2949,7 @@ routerlist_remove_old_cached_routers_with_id(time_t now,
if (i < hi) {
r_next = smartlist_get(lst, i+1);
tor_assert(r->published_on <= r_next->published_on);
- lifespans[i-lo].duration = (r_next->published_on - r->published_on);
+ lifespans[i-lo].duration = (int)(r_next->published_on - r->published_on);
} else {
r_next = NULL;
lifespans[i-lo].duration = INT_MAX;
@@ -4185,7 +4185,7 @@ int
router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
{
time_t r1pub, r2pub;
- int time_difference;
+ long time_difference;
tor_assert(r1 && r2);
/* r1 should be the one that was published first. */
@@ -4240,7 +4240,7 @@ router_differences_are_cosmetic(routerinfo_t *r1, routerinfo_t *r2)
* give or take some slop? */
r1pub = r1->cache_info.published_on;
r2pub = r2->cache_info.published_on;
- time_difference = abs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
+ time_difference = labs(r2->uptime - (r1->uptime + (r2pub - r1pub)));
if (time_difference > ROUTER_ALLOW_UPTIME_DRIFT &&
time_difference > r1->uptime * .05 &&
time_difference > r2->uptime * .05)
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 2a897f55cc..1b77d992a3 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -507,7 +507,7 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
crypto_pk_env_t *private_key)
{
char *signature;
- int i;
+ size_t i;
signature = tor_malloc(crypto_pk_keysize(private_key));
if (crypto_pk_private_sign(private_key, signature, digest, DIGEST_LEN) < 0) {
@@ -1174,7 +1174,7 @@ router_parse_entry_from_string(const char *s, const char *end,
tok = find_first_by_keyword(tokens, K_BANDWIDTH);
tor_assert(tok && tok->n_args >= 3);
- router->bandwidthrate =
+ router->bandwidthrate = (int)
tor_parse_long(tok->args[0],10,1,INT_MAX,&ok,NULL);
if (!ok) {
@@ -1182,12 +1182,13 @@ router_parse_entry_from_string(const char *s, const char *end,
escaped(tok->args[0]));
goto err;
}
- router->bandwidthburst = tor_parse_long(tok->args[1],10,0,INT_MAX,&ok,NULL);
+ router->bandwidthburst =
+ (int) tor_parse_long(tok->args[1],10,0,INT_MAX,&ok,NULL);
if (!ok) {
log_warn(LD_DIR, "Invalid bandwidthburst %s", escaped(tok->args[1]));
goto err;
}
- router->bandwidthcapacity =
+ router->bandwidthcapacity = (int)
tor_parse_long(tok->args[2],10,0,INT_MAX,&ok,NULL);
if (!ok) {
log_warn(LD_DIR, "Invalid bandwidthcapacity %s", escaped(tok->args[1]));
@@ -2309,8 +2310,10 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
goto err;
v->good_signature = 1;
} else {
+ if (tok->object_size >= INT_MAX)
+ goto err;
v->signature = tor_memdup(tok->object_body, tok->object_size);
- v->signature_len = tok->object_size;
+ v->signature_len = (int) tok->object_size;
}
++n_signatures;
});
@@ -2441,8 +2444,10 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
voter = tor_malloc_zero(sizeof(networkstatus_voter_info_t));
memcpy(voter->identity_digest, id_digest, DIGEST_LEN);
memcpy(voter->signing_key_digest, sk_digest, DIGEST_LEN);
+ if (tok->object_size >= INT_MAX)
+ goto err;
voter->signature = tor_memdup(tok->object_body, tok->object_size);
- voter->signature_len = tok->object_size;
+ voter->signature_len = (int) tok->object_size;
smartlist_add(sigs->signatures, voter);
});
@@ -2684,7 +2689,8 @@ static directory_token_t *
get_next_token(const char **s, const char *eos, token_rule_t *table)
{
const char *next, *eol, *obstart;
- int i, j, allocated, obname_len;
+ int i, j, allocated;
+ size_t obname_len;
directory_token_t *tok;
obj_syntax o_syn = NO_OBJ;
char ebuf[128];
@@ -2801,7 +2807,7 @@ get_next_token(const char **s, const char *eos, token_rule_t *table)
if (!eol) /* end-of-line marker, or eos if there's no '\n' */
eol = eos;
/* Validate the ending tag, which should be 9 + NAME + 5 + eol */
- if (eol-next != 9+obname_len+5 ||
+ if ((size_t)(eol-next) != 9+obname_len+5 ||
strcmp_len(next+9, tok->object_type, obname_len) ||
strcmp_len(eol-5, "-----", 5)) {
snprintf(ebuf, sizeof(ebuf), "Malformed object: mismatched end tag %s",
@@ -3065,17 +3071,17 @@ tor_version_parse(const char *s, tor_version_t *out)
s += 4;
/* Get major. */
- out->major = strtol(s,&eos,10);
+ out->major = (int)strtol(s,&eos,10);
if (!eos || eos==s || *eos != '.') return -1;
cp = eos+1;
/* Get minor */
- out->minor = strtol(cp,&eos,10);
+ out->minor = (int) strtol(cp,&eos,10);
if (!eos || eos==cp || *eos != '.') return -1;
cp = eos+1;
/* Get micro */
- out->micro = strtol(cp,&eos,10);
+ out->micro = (int) strtol(cp,&eos,10);
if (!eos || eos==cp) return -1;
if (!*eos) {
out->status = VER_RELEASE;
@@ -3099,7 +3105,7 @@ tor_version_parse(const char *s, tor_version_t *out)
}
/* Get patchlevel */
- out->patchlevel = strtol(cp,&eos,10);
+ out->patchlevel = (int) strtol(cp,&eos,10);
if (!eos || eos==cp) return -1;
cp = eos;
@@ -3117,7 +3123,7 @@ tor_version_parse(const char *s, tor_version_t *out)
if (!strcmpstart(cp, "(r")) {
cp += 2;
- out->svn_revision = strtol(cp,&eos,10);
+ out->svn_revision = (int) strtol(cp,&eos,10);
}
return 0;