From 89cf0f3cc1affec4bf913d8f2c644777a6daa54d Mon Sep 17 00:00:00 2001
From: Nayna Jain
Date: Thu, 13 Aug 2020 19:17:53 +0000
Subject: [PATCH 1/2] programs/ssl: Fixes incorrect EOF check in ssl_context_info.c read_next_b64_code() function, that parses base64 encoded input doesn't recognize the EOF and returns when "Too many bad symbols are detected". This issue got identified when gcc complained for type-limit error during cmake. This patch fixes the issue by changing the variable type to int and removing type-cast of fgetc() output to 'char'.
Signed-off-by: Nayna Jain
---
 ChangeLog.d/bugfix_type_limit_warning_ssl_context_info.txt | 3 +++
 programs/ssl/ssl_context_info.c | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 ChangeLog.d/bugfix_type_limit_warning_ssl_context_info.txt
diff --git a/ChangeLog.d/bugfix_type_limit_warning_ssl_context_info.txt b/ChangeLog.d/bugfix_type_limit_warning_ssl_context_info.txt
new file mode 100644
index 000000000000..5a9d2623ba74
--- /dev/null
+++ b/ChangeLog.d/bugfix_type_limit_warning_ssl_context_info.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * read_next_b64_code() isn't correctly checking against EOF because it checks against 'char' rather than 'int'. This is identified via type-limit warning reported by gcc.
+ Reported and fix contributed by naynajain in #3449.
diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c
index 9bea31c69024..fb870c86bd7f 100644
--- a/programs/ssl/ssl_context_info.c
+++ b/programs/ssl/ssl_context_info.c
@@ -379,13 +379,13 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len )
 int valid_balance = 0; /* balance between valid and invalid characters */
 size_t len = 0;
 char pad = 0;
- char c = 0;
+ int c = 0;
 while( EOF != c )
 {
 char c_valid = 0;
- c = (char) fgetc( b64_file );
+ c = fgetc( b64_file );
 if( pad > 0 )
 {
From b0aadc407c029b9a55777e182e37b5e934a2b792 Mon Sep 17 00:00:00 2001
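Review bot: The declaration `int c = 0;` in read_next_b64_code() should carry a comment that stops it being narrowed again, for example `/* int, not char: fgetc() returns EOF as an out-of-band int value */`; with a `char`, EOF is either never matched (unsigned char) or indistinguishable from an input byte 0xFF (signed char). The loop condition `EOF != c` is evaluated before the read, so the body still runs once with `c == EOF`; the rest of the function lies outside the hunk, so confirm that nothing there stores or classifies `c` before that value is ruled out. fgetc() also returns EOF on a read error, so a `ferror( b64_file )` check after the loop would keep an I/O failure from being reported as a clean end of input.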
From: Nayna Jain
Date: Thu, 13 Aug 2020 19:23:52 +0000
Subject: [PATCH 2/2] programs/ssl: add EOF testcase for ssl_context_info.c This patch updates the test cases to also check for EOF correctly.
Signed-off-by: Nayna Jain
---
 tests/context-info.sh | 7 ++++++-
 tests/data_files/base64/def_bad_b64_eof.txt | 1 +
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 tests/data_files/base64/def_bad_b64_eof.txt
diff --git a/tests/context-info.sh b/tests/context-info.sh
index 344dd4ea93d0..742e2db1e8aa 100755
--- a/tests/context-info.sh
+++ b/tests/context-info.sh
@@ -400,7 +400,12 @@ run_test "Wrong base64 format" \
 "def_bad_b64.txt" \
 -m "ERROR" \
 -u "The length of the base64 code found should be a multiple of 4" \
- -n "bytes left to analyze from context"
+ -n "bytes left to analyze from context" \
+
+run_test "EOF base64 format" \ "def_bad_b64_eof.txt" \ -m "Finished. No valid base64 code found" \ -n "ERROR" \
 run_test "Too much data at the beginning of base64 code" \
 "def_b64_too_big_1.txt" \
diff --git a/tests/data_files/base64/def_bad_b64_eof.txt b/tests/data_files/base64/def_bad_b64_eof.txt
new file mode 100644
index 000000000000..59593b0534f4
--- /dev/null
+++ b/tests/data_files/base64/def_bad_b64_eof.txt
@@ -0,0 +1 @@
+/w==
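Review bot: The added lines in tests/context-info.sh leave a trailing `\` on the last argument of two calls, `-n "bytes left to analyze from context" \` and `-n "ERROR" \`. Going by the hunk's line counts each is followed by an empty line, so the continuation is harmless today, but if that blank line is ever removed the next `run_test` becomes extra arguments of the previous call and the EOF case stops asserting what it appears to. Drop both backslashes so the lines end as `-n "bytes left to analyze from context"` and `-n "ERROR"`. A short comment above the new case saying what `def_bad_b64_eof.txt` is meant to exercise would also help, since the file name and its single line `/w==` do not show it.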