From ff3d99ce94ddb782914b5bb79a13d7ea564da5d5 Mon Sep 17 00:00:00 2001 From: Justin W Smith <103147162+justsmth@users.noreply.github.com> Date: Tue, 4 Jun 2024 20:35:14 -0400 Subject: [PATCH] Fixes for building with `-pedantic` (#1608) --- .github/workflows/actions-ci.yml | 54 ++++++++++++++++++++++++++------ CMakeLists.txt | 5 +-- crypto/fipsmodule/hmac/hmac.c | 16 +++++----- crypto/mem.c | 2 +- 4 files changed, 57 insertions(+), 20 deletions(-) diff --git a/.github/workflows/actions-ci.yml b/.github/workflows/actions-ci.yml index 7cbbf2d665..e20c527cd9 100644 --- a/.github/workflows/actions-ci.yml +++ b/.github/workflows/actions-ci.yml @@ -263,13 +263,49 @@ jobs: if: ${{ !( matrix.gccversion == '14' && matrix.fips == '1' ) }} run: cmake --build ./build --target run_tests + gcc-13-pedantic: + if: github.repository_owner == 'aws' + needs: [ sanity-test-run ] + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v3 + - name: Setup CMake + uses: threeal/cmake-action@v1.3.0 + with: + generator: Ninja + c-compiler: gcc-13 + cxx-compiler: g++-13 + options: CMAKE_BUILD_TYPE=Release CMAKE_C_FLAGS=-pedantic CMAKE_CXX_FLAGS=-pedantic + - name: Build Crypto + run: cmake --build ./build --target crypto + - name: Build SSL + run: cmake --build ./build --target ssl + + clang-18-pedantic: + if: github.repository_owner == 'aws' + needs: [ sanity-test-run ] + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v3 + - name: Setup CMake + uses: threeal/cmake-action@v1.3.0 + with: + generator: Ninja + c-compiler: clang-18 + cxx-compiler: clang++-18 + options: CMAKE_BUILD_TYPE=Release CMAKE_C_FLAGS=-pedantic CMAKE_CXX_FLAGS=-pedantic + - name: Build Crypto + run: cmake --build ./build --target crypto + - name: Build SSL + run: cmake --build ./build --target ssl + clang-ubuntu-2004-sanity: if: github.repository_owner == 'aws' needs: [sanity-test-run] strategy: fail-fast: false matrix: - gccversion: + clangversion: - "10" - "11" - "12" @@ -286,8 +322,8 @@ jobs: uses: threeal/cmake-action@v1.3.0 with: generator: Ninja - c-compiler: clang-${{ matrix.gccversion }} - cxx-compiler: clang++-${{ matrix.gccversion }} + c-compiler: clang-${{ matrix.clangversion }} + cxx-compiler: clang++-${{ matrix.clangversion }} options: FIPS=${{ matrix.fips }} CMAKE_BUILD_TYPE=Release - name: Build Project run: cmake --build ./build --target all @@ -300,7 +336,7 @@ jobs: strategy: fail-fast: false matrix: - gccversion: + clangversion: - "13" - "14" - "15" @@ -317,8 +353,8 @@ jobs: uses: threeal/cmake-action@v1.3.0 with: generator: Ninja - c-compiler: clang-${{ matrix.gccversion }} - cxx-compiler: clang++-${{ matrix.gccversion }} + c-compiler: clang-${{ matrix.clangversion }} + cxx-compiler: clang++-${{ matrix.clangversion }} options: FIPS=${{ matrix.fips }} CMAKE_BUILD_TYPE=Release - name: Build Project run: cmake --build ./build --target all @@ -331,7 +367,7 @@ jobs: strategy: fail-fast: false matrix: - gccversion: + clangversion: - "16" - "17" - "18" @@ -348,8 +384,8 @@ jobs: uses: threeal/cmake-action@v1.3.0 with: generator: Ninja - c-compiler: clang-${{ matrix.gccversion }} - cxx-compiler: clang++-${{ matrix.gccversion }} + c-compiler: clang-${{ matrix.clangversion }} + cxx-compiler: clang++-${{ matrix.clangversion }} options: FIPS=${{ matrix.fips }} CMAKE_BUILD_TYPE=Release - name: Build Project run: cmake --build ./build --target all diff --git a/CMakeLists.txt b/CMakeLists.txt index b640b3ffcf..3b66ce6fe8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -358,8 +358,9 @@ if(GCC OR CLANG) set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wall -fvisibility=hidden -fno-common") endif() set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wwrite-strings -Wformat-security -Wunused-result") - set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wvla -Wtype-limits -Wno-unused-parameter") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wwrite-strings -Wformat-security -Wunused-result -Wno-overlength-strings") + set(CMAKE_ASM_FLAGS "${CMAKE_ASM_FLAGS} -Wno-newline-eof") + set(C_CXX_FLAGS "${C_CXX_FLAGS} -Wno-c11-extensions -Wvla -Wtype-limits -Wno-unused-parameter") endif() set(C_CXX_FLAGS "${C_CXX_FLAGS} -Werror -Wformat=2 -Wsign-compare -Wmissing-field-initializers -Wwrite-strings") diff --git a/crypto/fipsmodule/hmac/hmac.c b/crypto/fipsmodule/hmac/hmac.c index 0e576c026a..0393888e58 100644 --- a/crypto/fipsmodule/hmac/hmac.c +++ b/crypto/fipsmodule/hmac/hmac.c @@ -108,14 +108,14 @@ struct hmac_methods_st { // The maximum number of HMAC implementations #define HMAC_METHOD_MAX 8 -MD_TRAMPOLINES_EXPLICIT(MD5, MD5_CTX, MD5_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA1, SHA_CTX, SHA_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA224, SHA256_CTX, SHA256_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA256, SHA256_CTX, SHA256_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA384, SHA512_CTX, SHA512_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA512, SHA512_CTX, SHA512_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA512_224, SHA512_CTX, SHA512_CBLOCK); -MD_TRAMPOLINES_EXPLICIT(SHA512_256, SHA512_CTX, SHA512_CBLOCK); +MD_TRAMPOLINES_EXPLICIT(MD5, MD5_CTX, MD5_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA1, SHA_CTX, SHA_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA224, SHA256_CTX, SHA256_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA256, SHA256_CTX, SHA256_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA384, SHA512_CTX, SHA512_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA512, SHA512_CTX, SHA512_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA512_224, SHA512_CTX, SHA512_CBLOCK) +MD_TRAMPOLINES_EXPLICIT(SHA512_256, SHA512_CTX, SHA512_CBLOCK) struct hmac_method_array_st { HmacMethods methods[HMAC_METHOD_MAX]; diff --git a/crypto/mem.c b/crypto/mem.c index 02799f8fbc..efe42dbee3 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -107,7 +107,7 @@ static void __asan_unpoison_memory_region(const void *addr, size_t size) {} // implementation is statically linked with BoringSSL. So, if |sdallocx| is // provided in, say, libc.so, we still won't use it because that's dynamically // linked. This isn't an ideal result, but its helps in some cases. -WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags)); +WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags)) // The following four functions can be defined to override default heap // allocation and freeing. If defined, it is the responsibility of