commit a6efbe123af3d98b4d10d4fcdfe68dc5303212f8

Author: raniervf <ranier_gyn@hotmail.com> Date: Thu Nov 7 18:59:11 2019 -0300 Avoid calling strlen repeatedly in loops. Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10380)
2019-11-16 08:28:00 +10:00 · 2019-11-16 08:28:00 +10:00 · 4bac25e111
parent d7cea0b8f5
commit 4bac25e111
3 changed files with 15 additions and 11 deletions
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -2594,8 +2594,8 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
                    continue;
                }
                if (buf[0] == 'P') {
-                    static const char *str = "Lets print some clear text\n";
-                    BIO_write(SSL_get_wbio(con), str, strlen(str));
+                    static const char str[] = "Lets print some clear text\n";
+                    BIO_write(SSL_get_wbio(con), str, sizeof(str) -1);
                }
                if (buf[0] == 'S') {
                    print_stats(bio_s_out, SSL_get_SSL_CTX(con));
@ -3544,6 +3544,8 @@ static int generate_session_id(SSL *ssl, unsigned char *id,
                               unsigned int *id_len)
 {
    unsigned int count = 0;
+    unsigned int session_id_prefix_len = strlen(session_id_prefix);
+  
    do {
        if (RAND_bytes(id, *id_len) <= 0)
            return 0;
@ -3555,8 +3557,8 @@ static int generate_session_id(SSL *ssl, unsigned char *id,
         * conflicts.
         */
        memcpy(id, session_id_prefix,
-               (strlen(session_id_prefix) < *id_len) ?
-               strlen(session_id_prefix) : *id_len);
+               (session_id_prefix_len < *id_len) ?
+                session_id_prefix_len : *id_len);
    }
    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
           (++count < MAX_SESSION_ID_ATTEMPTS));
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@ -1581,7 +1581,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method,
            rule_p++;
    }

-    if (ok && (strlen(rule_p) > 0))
+    if (ok && (rule_p[0] != '\0'))
        ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list, c);

    OPENSSL_free(ca_list);      /* Not needed anymore */
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@ -914,8 +914,9 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
    long extension_length = 0;
    char *name = NULL;
    char *header = NULL;
-    char namePrefix1[] = "SERVERINFO FOR ";
-    char namePrefix2[] = "SERVERINFOV2 FOR ";
+    static const char namePrefix1[] = "SERVERINFO FOR ";
+    static const char namePrefix2[] = "SERVERINFOV2 FOR ";
+    unsigned int name_len;
    int ret = 0;
    BIO *bin = NULL;
    size_t num_extensions = 0, contextoff = 0;
@ -951,19 +952,20 @@ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
                break;
        }
        /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
-        if (strlen(name) < strlen(namePrefix1)) {
+        name_len = strlen(name);
+        if (name_len < sizeof(namePrefix1) - 1) {
            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_PEM_NAME_TOO_SHORT);
            goto end;
        }
-        if (strncmp(name, namePrefix1, strlen(namePrefix1)) == 0) {
+        if (strncmp(name, namePrefix1, sizeof(namePrefix1) - 1) == 0) {
            version = SSL_SERVERINFOV1;
        } else {
-            if (strlen(name) < strlen(namePrefix2)) {
+            if (name_len < sizeof(namePrefix2) - 1) {
                SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
                       SSL_R_PEM_NAME_TOO_SHORT);
                goto end;
            }
-            if (strncmp(name, namePrefix2, strlen(namePrefix2)) != 0) {
+            if (strncmp(name, namePrefix2, sizeof(namePrefix2) - 1) != 0) {
                SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
                       SSL_R_PEM_NAME_BAD_PREFIX);
                goto end;