3.8.2 gcc 13 warnings -Wstringop-overflow, -Wdangling-pointer
#926
Comments
vszakats
changed the title
-Wstringop-overflow and -Wdangling-pointer
vszakats
changed the title
-Wstringop-overflow and -Wdangling-pointer-Wstringop-overflow, -Wdangling-pointer
This assumes that I wonder if the warning goes away if we do this, but I'm not sure if gcc is smart enough: diff --git a/lbressl/crypto/cmac/cmac.c b/libressl/crypto/cmac/cmac.c
index 257bd21ccad..75930fd3cfe 100644
--- a/libressl/crypto/cmac/cmac.c
+++ b/libressl/crypto/cmac/cmac.c
@@ -186,7 +186,8 @@ CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
return 0;
if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
return 0;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+ if ((bl = EVP_CIPHER_CTX_block_size(&ctx->cctx)) <= 0)
+ return 0;
if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
return 0;
make_kn(ctx->k1, ctx->tbl, bl);The second pile of warnings could be "solved" by deleting or commenting out this line: portable/crypto/compat/timegm.c Line 62 in e454895 However, it should be noted that Also note that this is a copy of musl code. |
|
I tried both of your suggestions and they do make these warnings [ Luckily, I'm not building musl from source :) ] |
|
Thanks for testing. Then I'll land a few fixes in the vicinity of that particular problem zone in cmac.c. I think it would be fine to comment out the line in the |
|
Do we even need timegm() anymore? I thought I got rid of all that?
… On Nov 3, 2023, at 3:53 PM, Theo Buehler ***@***.***> wrote:
Thanks for testing. Then I'll land a few fixes in the vicinity of that particular problem zone in cmac.c. I think it would be fine to comment out the line in the timegm.c code and explicitly say why it is done.
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
|
|
@bob-beck there is one call left in |
|
Yeah, that’s silly, I can make that go away ;)
… On Nov 3, 2023, at 4:10 PM, Theo Buehler ***@***.***> wrote:
@bob-beck there is one call left in x509_verify_asn1_time_to_time_t() in x509_verify.c:
https://github.com/openbsd/src/blob/17e3ddc9933714bd053ce70afd6d575a774aee60/lib/libcrypto/x509/x509_verify.c#L78
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you were mentioned.Message ID: ***@***.***>
|
|
Unfortunately there are a few more in libtls which are a bit more annoying to fix. |
Add explanatory comments that refer to the spec so that all the weird dances make a little more sense. It turns out that this implmeentation only supports block ciphers with block sizes of 64 and 128 bits, so enforce this with a check. Simplify make_kn() to make a little more sense and make it constant time. Some stylistic fixes like checking pointers explicitly against NULL and shuffle things into an order that makes a bit more sense. Includes a fix for a warning reported by Viktor Szakats in libressl/portable#926 ok jsing
Add explanatory comments that refer to the spec so that all the weird dances make a little more sense. It turns out that this implmeentation only supports block ciphers with block sizes of 64 and 128 bits, so enforce this with a check. Simplify make_kn() to make a little more sense and make it constant time. Some stylistic fixes like checking pointers explicitly against NULL and shuffle things into an order that makes a bit more sense. Includes a fix for a warning reported by Viktor Szakats in libressl/portable#926 ok jsing
|
The warning in the CMAC code should also be gone with openbsd/src@8865b67 |
|
@botovq Great, thanks! I was looking, but in the wrong repo (https://github.com/libressl-portable/openbsd). Closing this as resolved. |
|
It's also there. I usually link to commits the |
|
Found it indeed: libressl/openbsd@0423d36 |
The text was updated successfully, but these errors were encountered: