DTLS cookie: use CRYPTO_memcmp instead of std::memcmp

memcmp and openssl callbacks are somewhat of a red flag, so use CRYPTO_memcmp for the sake of looks. Done-with: Maximilian Blochberger Change-Id: I38d038ed96830cfd54c6f5cd684f80bee8d42899 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
author: Timur Pocheptsov <timur.pocheptsov@qt.io> 2023-01-31 14:54:34 +0100
committer: Mårten Nordheim <marten.nordheim@qt.io> 2023-02-01 06:00:13 +0000
commit: 0ca8c50d95995287fdd46e3668b994f9af638f50 (patch)
tree: 9d242117ffa8899f11d436a03a967c6a68a9f49e /src/plugins/tls
parent: 5c9f044ac0757200adcb36702ef8ff2d594cba79 (diff)
3 files changed, 5 insertions, 2 deletions
diff --git a/src/plugins/tls/openssl/qdtls_openssl.cpp b/src/plugins/tls/openssl/qdtls_openssl.cpp
index 9531d5b6aa..cf0b42a82f 100644
--- a/src/plugins/tls/openssl/qdtls_openssl.cpp
+++ b/src/plugins/tls/openssl/qdtls_openssl.cpp
@@ -205,7 +205,7 @@ extern "C" int q_verify_cookie_callback(SSL *ssl, const unsigned char *cookie,
         return 0;
 
     return newCookieLength == cookieLength
-           && !std::memcmp(cookie, newCookie, cookieLength);
+           && !q_CRYPTO_memcmp(cookie, newCookie, size_t(cookieLength));
 }
 
 extern "C" int q_X509DtlsCallback(int ok, X509_STORE_CTX *ctx)
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
index 1cdeff2c23..746a620d67 100644
--- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
+++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols.cpp
@@ -1,4 +1,4 @@
-// Copyright (C) 2017 The Qt Company Ltd.
+// Copyright (C) 2017 The Qt Company Ltd.
 // Copyright (C) 2014 BlackBerry Limited. All rights reserved.
 // Copyright (C) 2016 Richard J. Moore <rich@kde.org>
 // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only
@@ -155,6 +155,7 @@ DEFINEFUNC3(int, X509_STORE_set_ex_data, X509_STORE *a, a, int idx, idx, void *d
 DEFINEFUNC2(void *, X509_STORE_get_ex_data, X509_STORE *r, r, int idx, idx, return nullptr, return)
 DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get0_chain, X509_STORE_CTX *a, a, return nullptr, return)
 DEFINEFUNC3(void, CRYPTO_free, void *str, str, const char *file, file, int line, line, return, DUMMYARG)
+DEFINEFUNC3(int, CRYPTO_memcmp, const void * in_a, in_a, const void * in_b, in_b, size_t len, len, return 1, return);
 DEFINEFUNC(long, OpenSSL_version_num, void, DUMMYARG, return 0, return)
 DEFINEFUNC(const char *, OpenSSL_version, int a, a, return nullptr, return)
 DEFINEFUNC(unsigned long, SSL_SESSION_get_ticket_lifetime_hint, const SSL_SESSION *session, session, return 0, return)
@@ -890,6 +891,7 @@ bool q_resolveOpenSslSymbols()
         RESOLVEFUNC(X509_STORE_set_ex_data)
         RESOLVEFUNC(X509_STORE_get_ex_data)
         RESOLVEFUNC(CRYPTO_free)
+        RESOLVEFUNC(CRYPTO_memcmp)
         RESOLVEFUNC(OpenSSL_version_num)
         RESOLVEFUNC(OpenSSL_version)
 
diff --git a/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h b/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h
index 3c387ab96b..d020527476 100644
--- a/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h
+++ b/src/plugins/tls/openssl/qsslsocket_openssl_symbols_p.h
@@ -662,6 +662,7 @@ void *q_CRYPTO_malloc(size_t num, const char *file, int line);
 #define q_OPENSSL_malloc(num) q_CRYPTO_malloc(num, "", 0)
 void q_CRYPTO_free(void *str, const char *file, int line);
 # define q_OPENSSL_free(addr) q_CRYPTO_free(addr, "", 0)
+int q_CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len);
 
 void q_SSL_set_info_callback(SSL *ssl, void (*cb) (const SSL *ssl, int type, int val));
 const char *q_SSL_alert_type_string(int value);
author	Timur Pocheptsov <timur.pocheptsov@qt.io>	2023-01-31 14:54:34 +0100
committer	Mårten Nordheim <marten.nordheim@qt.io>	2023-02-01 06:00:13 +0000
commit	0ca8c50d95995287fdd46e3668b994f9af638f50 (patch)
tree	9d242117ffa8899f11d436a03a967c6a68a9f49e /src/plugins/tls
parent	5c9f044ac0757200adcb36702ef8ff2d594cba79 (diff)