From 11016a3f1ee88ed33deb54d514891050d1e1c392 Mon Sep 17 00:00:00 2001
From: Dana Keeler
Date: Wed, 15 Jan 2025 01:57:30 +0000
Subject: [PATCH] Bug 1940804 - avoid some "as" casts in cert_storage a=RyanVM
Original Revision: https://phabricator.services.mozilla.com/D233775
Differential Revision: https://phabricator.services.mozilla.com/D233880
---
 security/manager/ssl/cert_storage/src/lib.rs | 41 +++++++++++---------
 1 file changed, 23 insertions(+), 18 deletions(-)
diff --git a/security/manager/ssl/cert_storage/src/lib.rs b/security/manager/ssl/cert_storage/src/lib.rs
index 71c966fa4cb5..ff3611009df8 100644
--- a/security/manager/ssl/cert_storage/src/lib.rs
+++ b/security/manager/ssl/cert_storage/src/lib.rs
@@ -40,6 +40,7 @@ use rkv::{StoreError, StoreOptions, Value};
 use rust_cascade::Cascade;
 use sha2::{Digest, Sha256};
 use std::collections::{HashMap, HashSet};
+use std::convert::TryInto;
 use std::ffi::CString;
 use std::fmt::Display;
 use std::fs::{create_dir_all, remove_file, File, OpenOptions};
@@ -266,10 +267,10 @@ impl SecurityState {
 };
 let reader = env_and_store.env.read()?;
 match env_and_store.store.get(&reader, key) {
- Ok(Some(Value::I64(i)))
- if i <= (std::i16::MAX as i64) && i >= (std::i16::MIN as i64) =>
- {
- Ok(Some(i as i16))
+ Ok(Some(Value::I64(i))) => {
+ Ok(Some(i.try_into().map_err(|_| {
+ SecurityStateError::from("Stored value out of range for i16")
+ })?))
 }
 Ok(None) => Ok(None),
 Ok(_) => Err(SecurityStateError::from(
@@ -893,10 +894,10 @@ struct Cert<'a> {
 impl<'a> Cert<'a> {
 fn new(der: &'a [u8], subject: &'a [u8], trust: i16) -> Result, SecurityStateError> {
- if der.len() > u16::max as usize {
+ if der.len() > u16::MAX.into() {
 return Err(SecurityStateError::from("certificate is too long"));
 }
- if subject.len() > u16::max as usize {
+ if subject.len() > u16::MAX.into() {
 return Err(SecurityStateError::from("subject is too long"));
 }
 Ok(Cert {
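Review bot: The new `Ok(Some(Value::I64(i))) => { ... }` arm nests the `?` three brackets deep inside `Ok(Some(...))`, which makes the conversion harder to read than it needs to be; binding it first is clearer: `let trust: i16 = i.try_into().map_err(|_| SecurityStateError::from("Stored value out of range for i16"))?;` followed by `Ok(Some(trust))`. Note that an out-of-range persisted value previously failed the guard and fell through to the `Ok(_) => Err(...)` arm's generic error, and now gets the dedicated message instead; that looks intended, but any caller that matches on the error text would see the difference. The enclosing method begins before the hunk.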
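Review bot: The removed bound `u16::max as usize` was the function `Ord::max` cast to an address, not 65535, so the two length checks in `Cert::new` were effectively never triggered; the replacement `u16::MAX.into()` is the first version that actually rejects an over-long DER or subject, and a regression test asserting that a 65536-byte `der` makes `Cert::new` return `Err` would pin that behaviour so it is not lost again. Relying on inference to choose `usize` for `.into()` compiles, but `usize::from(u16::MAX)` states the target type where the comparison is read; the same applies to the `.into()` calls in the hunks at 920, 930, 1183 and 1192. `Cert::new` continues past the end of the hunk.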
@@ -920,7 +921,7 @@ impl<'a> Cert<'a> {
 return Err(SecurityStateError::from("invalid Cert: no der len?"));
 }
 let (mut der_len, rest) = rest.split_at(size_of::());
- let der_len = der_len.read_u16::()? as usize;
+ let der_len = der_len.read_u16::()?.into();
 if rest.len() < der_len {
 return Err(SecurityStateError::from("invalid Cert: no der?"));
 }
@@ -930,7 +931,7 @@ impl<'a> Cert<'a> {
 return Err(SecurityStateError::from("invalid Cert: no subject len?"));
 }
 let (mut subject_len, rest) = rest.split_at(size_of::());
- let subject_len = subject_len.read_u16::()? as usize;
+ let subject_len = subject_len.read_u16::()?.into();
 if rest.len() < subject_len {
 return Err(SecurityStateError::from("invalid Cert: no subject?"));
 }
@@ -961,15 +962,19 @@ impl<'a> Cert<'a> {
 + size_of::(),
 );
 bytes.write_u8(CERT_SERIALIZATION_VERSION_1)?;
- if self.der.len() > u16::max as usize {
- return Err(SecurityStateError::from("certificate is too long"));
- }
- bytes.write_u16::(self.der.len() as u16)?;
+ bytes.write_u16::(
+ self.der
+ .len()
+ .try_into()
+ .map_err(|_| SecurityStateError::from("certificate is too long"))?,
+ )?;
 bytes.extend_from_slice(&self.der);
- if self.subject.len() > u16::max as usize {
- return Err(SecurityStateError::from("subject is too long"));
- }
- bytes.write_u16::(self.subject.len() as u16)?;
+ bytes.write_u16::(
+ self.subject
+ .len()
+ .try_into()
+ .map_err(|_| SecurityStateError::from("subject is too long"))?,
+ )?;
 bytes.extend_from_slice(&self.subject);
 bytes.write_i16::(self.trust)?;
 Ok(bytes)
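Review bot: The two `try_into().map_err(...)` blocks in the serialization method (hunk at 961) are identical apart from the field and the message, and they repeat the same bounds and the same strings that `Cert::new` (hunk at 893) already enforces; a small helper keeps them in one place: `fn len_u16(bytes: &[u8], too_long: &'static str) -> Result<u16, SecurityStateError> { bytes.len().try_into().map_err(|_| SecurityStateError::from(too_long)) }`, used as `len_u16(self.der, "certificate is too long")?` for the `write_u16` argument and likewise for `self.subject`. Replacing the old `as u16` truncation with a checked conversion is the right call here, since a silently truncated length would have produced a record the `read_u16` path at 920/930 could not parse consistently. Whether the `Err` path in the serializer is reachable depends on whether a `Cert` can be built without going through `new`, which the hunk does not show; if it cannot, the check is defensive only. The serialization method starts before the hunk.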
@@ -1183,7 +1188,7 @@ fn load_crlite_stash_from_reader_into_map(
 let issuer_spki_hash_len = reader.read_u8().map_err(|e| {
 SecurityStateError::from(format!("error reading stash issuer_spki_hash_len: {}", e))
 })?;
- let mut issuer_spki_hash = vec![0; issuer_spki_hash_len as usize];
+ let mut issuer_spki_hash = vec![0; issuer_spki_hash_len.into()];
 reader.read_exact(&mut issuer_spki_hash).map_err(|e| {
 SecurityStateError::from(format!("error reading stash issuer_spki_hash: {}", e))
 })?;
@@ -1192,7 +1197,7 @@ fn load_crlite_stash_from_reader_into_map(
 let serial_len = reader.read_u8().map_err(|e| {
 SecurityStateError::from(format!("error reading stash serial_len: {}", e))
 })?;
- let mut serial = vec![0; serial_len as usize];
+ let mut serial = vec![0; serial_len.into()];
 reader.read_exact(&mut serial).map_err(|e| {
 SecurityStateError::from(format!("error reading stash serial: {}", e))
 })?;