Merge pull request #379 from nils-ohlmeier/firefox_fix_compiler_warnings

fixed several compiler warnings from Firefox builds

crypto/cipher/aes_icm.c

@@ -347,7 +347,7 @@ static srtp_err_status_t srtp_aes_icm_encrypt(void *cv,
         *b++ ^= c->keystream_buffer.v32[3];
         buf = (uint8_t *)b;
 #else
-        if ((((unsigned long)buf) & 0x03) != 0) {
+        if ((((uintptr_t)buf) & 0x03) != 0) {
             *buf++ ^= c->keystream_buffer.v8[0];
             *buf++ ^= c->keystream_buffer.v8[1];
             *buf++ ^= c->keystream_buffer.v8[2];

crypto/cipher/cipher.c

@@ -218,6 +218,7 @@ srtp_err_status_t srtp_cipher_type_test(
     uint32_t tag_len;
     unsigned int len;
     int i, j, case_num = 0;
+    unsigned k = 0;
 
     debug_print(srtp_mod_cipher, "running self-test for cipher %s",
                 ct->description);
@@ -259,8 +260,8 @@ srtp_err_status_t srtp_cipher_type_test(
             srtp_cipher_dealloc(c);
             return srtp_err_status_bad_param;
         }
-        for (i = 0; i < test_case->plaintext_length_octets; i++) {
-            buffer[i] = test_case->plaintext[i];
+        for (k = 0; k < test_case->plaintext_length_octets; k++) {
+            buffer[k] = test_case->plaintext[k];
         }
 
         debug_print(srtp_mod_cipher, "plaintext:    %s",
@@ -325,11 +326,11 @@ srtp_err_status_t srtp_cipher_type_test(
             return srtp_err_status_algo_fail;
         }
         status = srtp_err_status_ok;
-        for (i = 0; i < test_case->ciphertext_length_octets; i++) {
-            if (buffer[i] != test_case->ciphertext[i]) {
+        for (k = 0; k < test_case->ciphertext_length_octets; k++) {
+            if (buffer[k] != test_case->ciphertext[k]) {
                 status = srtp_err_status_algo_fail;
                 debug_print(srtp_mod_cipher, "test case %d failed", case_num);
-                debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+                debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
                 break;
             }
         }
@@ -363,8 +364,8 @@ srtp_err_status_t srtp_cipher_type_test(
             srtp_cipher_dealloc(c);
             return srtp_err_status_bad_param;
         }
-        for (i = 0; i < test_case->ciphertext_length_octets; i++) {
-            buffer[i] = test_case->ciphertext[i];
+        for (k = 0; k < test_case->ciphertext_length_octets; k++) {
+            buffer[k] = test_case->ciphertext[k];
         }
 
         debug_print(srtp_mod_cipher, "ciphertext:    %s",
@@ -413,11 +414,11 @@ srtp_err_status_t srtp_cipher_type_test(
             return srtp_err_status_algo_fail;
         }
         status = srtp_err_status_ok;
-        for (i = 0; i < test_case->plaintext_length_octets; i++) {
-            if (buffer[i] != test_case->plaintext[i]) {
+        for (k = 0; k < test_case->plaintext_length_octets; k++) {
+            if (buffer[k] != test_case->plaintext[k]) {
                 status = srtp_err_status_algo_fail;
                 debug_print(srtp_mod_cipher, "test case %d failed", case_num);
-                debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+                debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
             }
         }
         if (status) {
@@ -458,8 +459,8 @@ srtp_err_status_t srtp_cipher_type_test(
     }
 
     for (j = 0; j < NUM_RAND_TESTS; j++) {
-        unsigned length;
-        int plaintext_len;
+        unsigned int length;
+        unsigned int plaintext_len;
         uint8_t key[MAX_KEY_LEN];
         uint8_t iv[MAX_KEY_LEN];
 
@@ -596,12 +597,12 @@ srtp_err_status_t srtp_cipher_type_test(
             return srtp_err_status_algo_fail;
         }
         status = srtp_err_status_ok;
-        for (i = 0; i < plaintext_len; i++) {
-            if (buffer[i] != buffer2[i]) {
+        for (k = 0; k < plaintext_len; k++) {
+            if (buffer[k] != buffer2[k]) {
                 status = srtp_err_status_algo_fail;
                 debug_print(srtp_mod_cipher, "random test case %d failed",
                             case_num);
-                debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+                debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
             }
         }
         if (status) {

crypto/include/cipher.h

@@ -132,16 +132,16 @@ typedef srtp_err_status_t (*srtp_cipher_get_tag_func_t)(void *state,
  * (see the srtp_cipher_type_self_test() function below)
  */
 typedef struct srtp_cipher_test_case_t {
-    int key_length_octets;        /* octets in key            */
-    const uint8_t *key;           /* key                      */
-    uint8_t *idx;                 /* packet index             */
-    int plaintext_length_octets;  /* octets in plaintext      */
-    const uint8_t *plaintext;     /* plaintext                */
-    int ciphertext_length_octets; /* octets in plaintext      */
-    const uint8_t *ciphertext;    /* ciphertext               */
-    int aad_length_octets;        /* octets in AAD            */
-    const uint8_t *aad;           /* AAD                      */
-    int tag_length_octets;        /* Length of AEAD tag       */
+    int key_length_octets;                 /* octets in key            */
+    const uint8_t *key;                    /* key                      */
+    uint8_t *idx;                          /* packet index             */
+    unsigned int plaintext_length_octets;  /* octets in plaintext      */
+    const uint8_t *plaintext;              /* plaintext                */
+    unsigned int ciphertext_length_octets; /* octets in plaintext      */
+    const uint8_t *ciphertext;             /* ciphertext               */
+    int aad_length_octets;                 /* octets in AAD            */
+    const uint8_t *aad;                    /* AAD                      */
+    int tag_length_octets;                 /* Length of AEAD tag       */
     const struct srtp_cipher_test_case_t
         *next_test_case; /* pointer to next testcase */
 } srtp_cipher_test_case_t;

crypto/replay/rdb.c

@@ -100,9 +100,10 @@ srtp_err_status_t srtp_rdb_check(const srtp_rdb_t *rdb, uint32_t p_index)
  */
 srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t p_index)
 {
-    int delta;
+    unsigned int delta;
 
-    /* here we *assume* that p_index > rdb->window_start */
+    if (p_index < rdb->window_start)
+        return srtp_err_status_replay_fail;
 
     delta = (p_index - rdb->window_start);
     if (delta < rdb_bits_in_bitmask) {

srtp/srtp.c

@@ -821,7 +821,7 @@ static inline int base_key_length(const srtp_cipher_type_t *cipher,
 
 unsigned int srtp_validate_policy_master_keys(const srtp_policy_t *policy)
 {
-    int i = 0;
+    unsigned long i = 0;
 
     if (policy->key == NULL) {
         if (policy->num_master_keys <= 0)
@@ -879,7 +879,7 @@ srtp_err_status_t srtp_stream_init_all_master_keys(
     srtp_master_key_t **keys,
     const unsigned int max_master_keys)
 {
-    int i = 0;
+    unsigned int i = 0;
     srtp_err_status_t status = srtp_err_status_ok;
     srtp_master_key_t single_master_key;
 
@@ -4156,12 +4156,16 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx,
 
     /* we assume the hdr is 32-bit aligned to start */
 
+    if (*pkt_octet_len < 0)
+        return srtp_err_status_bad_param;
+
     /*
      * check that the length value is sane; we'll check again once we
      * know the tag length, but we at least want to know that it is
      * a positive value
      */
-    if (*pkt_octet_len < octets_in_rtcp_header + sizeof(srtcp_trailer_t))
+    if ((unsigned int)(*pkt_octet_len) <
+        octets_in_rtcp_header + sizeof(srtcp_trailer_t))
         return srtp_err_status_bad_param;
 
     /*