diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asn1/tasn_dec.c | 1 | ||||
-rw-r--r-- | crypto/cipher/e_aes.c | 10 | ||||
-rw-r--r-- | crypto/hkdf/hkdf_test.c | 7 | ||||
-rw-r--r-- | crypto/internal.h | 42 | ||||
-rw-r--r-- | crypto/modes/gcm_test.c | 6 | ||||
-rw-r--r-- | crypto/test/test_util.h | 8 | ||||
-rw-r--r-- | crypto/x509/asn1_gen.c | 3 | ||||
-rw-r--r-- | crypto/x509/pkcs7_test.c | 16 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.c | 3 | ||||
-rw-r--r-- | crypto/x509/x_pubkey.c | 3 | ||||
-rw-r--r-- | crypto/x509v3/v3_conf.c | 3 |
11 files changed, 38 insertions, 64 deletions
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 31afe0b..40d575d 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -706,7 +706,6 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long inlen, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { int ret = 0, utype; long plen; diff --git a/crypto/cipher/e_aes.c b/crypto/cipher/e_aes.c index a0087d8..1412be1 100644 --- a/crypto/cipher/e_aes.c +++ b/crypto/cipher/e_aes.c @@ -67,6 +67,10 @@ #endif +#if defined(_MSC_VER) +#pragma warning(disable: 4702) /* Unreachable code. */ +#endif + typedef struct { union { double align; @@ -272,8 +276,7 @@ static void aesni_ctr32_encrypt_blocks(const uint8_t *in, uint8_t *out, #endif static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, - const uint8_t *iv, int enc) - OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS { + const uint8_t *iv, int enc) { int ret, mode; EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; @@ -394,8 +397,7 @@ static char aesni_capable(void); static ctr128_f aes_ctr_set_key(AES_KEY *aes_key, GCM128_CONTEXT *gcm_ctx, block128_f *out_block, const uint8_t *key, - size_t key_len) - OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS { + size_t key_len) { if (aesni_capable()) { aesni_set_encrypt_key(key, key_len * 8, aes_key); if (gcm_ctx != NULL) { diff --git a/crypto/hkdf/hkdf_test.c b/crypto/hkdf/hkdf_test.c index a4abf1c..b11061a 100644 --- a/crypto/hkdf/hkdf_test.c +++ b/crypto/hkdf/hkdf_test.c @@ -20,6 +20,8 @@ #include <openssl/err.h> #include <openssl/hkdf.h> +#include "../test/test_util.h" + typedef struct { const EVP_MD *(*md_func)(void); @@ -226,8 +228,9 @@ int main(void) { return 1; } if (memcmp(buf, test->out, test->out_len) != 0) { - fprintf(stderr, "%u: Resulting key material does not match test vector\n", - (unsigned)i); + fprintf(stderr, "%" OPENSSL_PR_SIZE_T + ": Resulting key material does not match test vector\n", + i); return 1; } } diff --git a/crypto/internal.h b/crypto/internal.h index 2229e19..61f6100 100644 --- a/crypto/internal.h +++ b/crypto/internal.h @@ -135,48 +135,6 @@ extern "C" { #endif -/* MSVC's C4701 warning about the use of *potentially*--as opposed to - * *definitely*--uninitialized values sometimes has false positives. Usually - * the false positives can and should be worked around by simplifying the - * control flow. When that is not practical, annotate the function containing - * the code that triggers the warning with - * OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS after its parameters: - * - * void f() OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { - * ... - * } - * - * Note that MSVC's control flow analysis seems to operate on a whole-function - * basis, so the annotation must be placed on the entire function, not just a - * block within the function. */ -#if defined(_MSC_VER) -#define OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS \ - __pragma(warning(suppress:4701)) -#else -#define OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS -#endif - -/* MSVC will sometimes correctly detect unreachable code and issue a warning, - * which breaks the build since we treat errors as warnings, in some rare cases - * where we want to allow the dead code to continue to exist. In these - * situations, annotate the function containing the unreachable code with - * OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS after its parameters: - * - * void f() OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS { - * ... - * } - * - * Note that MSVC's reachability analysis seems to operate on a whole-function - * basis, so the annotation must be placed on the entire function, not just a - * block within the function. */ -#if defined(_MSC_VER) -#define OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS \ - __pragma(warning(suppress:4702)) -#else -#define OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS -#endif - - #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || defined(OPENSSL_ARM) || \ defined(OPENSSL_AARCH64) /* OPENSSL_cpuid_setup initializes OPENSSL_ia32cap_P. */ diff --git a/crypto/modes/gcm_test.c b/crypto/modes/gcm_test.c index e543348..56639e6 100644 --- a/crypto/modes/gcm_test.c +++ b/crypto/modes/gcm_test.c @@ -282,8 +282,10 @@ static int decode_hex(uint8_t **out, size_t *out_len, const char *in, uint8_t v, v2; if (!from_hex(&v, in[i]) || !from_hex(&v2, in[i+1])) { - fprintf(stderr, "%u: invalid hex digit in %s around offset %u.\n", - test_num, description, (unsigned)i); + fprintf(stderr, + "%u: invalid hex digit in %s around offset %" OPENSSL_PR_SIZE_T + ".\n", + test_num, description, i); goto err; } buf[i/2] = (v << 4) | v2; diff --git a/crypto/test/test_util.h b/crypto/test/test_util.h index 972e206..89e70c6 100644 --- a/crypto/test/test_util.h +++ b/crypto/test/test_util.h @@ -28,6 +28,14 @@ extern "C" { void hexdump(FILE *fp, const char *msg, const void *in, size_t len); +#if defined(_MSC_VER) && _MSC_VER < 1900 +/* https://msdn.microsoft.com/en-us/library/tcxf1dw6(v=vs.120).aspx */ +#define OPENSSL_PR_SIZE_T "Iu" +#else +#define OPENSSL_PR_SIZE_T "zu" +#endif + + #if defined(__cplusplus) } #endif diff --git a/crypto/x509/asn1_gen.c b/crypto/x509/asn1_gen.c index 0660840..03a0ab9 100644 --- a/crypto/x509/asn1_gen.c +++ b/crypto/x509/asn1_gen.c @@ -142,7 +142,6 @@ ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf) } ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { ASN1_TYPE *ret; tag_exp_arg asn1_tags; @@ -155,7 +154,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) unsigned char *p; const unsigned char *cp; int cpy_len; - long hdr_len; + long hdr_len = 0; int hdr_constructed = 0, hdr_tag, hdr_class; int r; diff --git a/crypto/x509/pkcs7_test.c b/crypto/x509/pkcs7_test.c index 7e76322..2dfeb5e 100644 --- a/crypto/x509/pkcs7_test.c +++ b/crypto/x509/pkcs7_test.c @@ -22,6 +22,8 @@ #include <openssl/stack.h> #include <openssl/x509.h> +#include "../test/test_util.h" + /* kPKCS7NSS contains the certificate chain of mail.google.com, as saved by NSS * using the Chrome UI. */ @@ -504,7 +506,7 @@ static int test_cert_reparse(const uint8_t *der_bytes, size_t der_len) { X509 *b = sk_X509_value(certs2, i); if (X509_cmp(a, b) != 0) { - fprintf(stderr, "Certificate %u differs.\n", (unsigned) i); + fprintf(stderr, "Certificate %" OPENSSL_PR_SIZE_T " differs.\n", i); return 0; } } @@ -568,7 +570,7 @@ static int test_crl_reparse(const uint8_t *der_bytes, size_t der_len) { X509_CRL *b = sk_X509_CRL_value(crls2, i); if (X509_CRL_cmp(a, b) != 0) { - fprintf(stderr, "CRL %u differs.\n", (unsigned) i); + fprintf(stderr, "CRL %" OPENSSL_PR_SIZE_T " differs.\n", i); return 0; } } @@ -606,8 +608,9 @@ static int test_pem_certs(const char *pem) { if (sk_X509_num(certs) != 1) { fprintf(stderr, - "Bad number of certificates from PKCS7_get_PEM_certificates: %u\n", - (unsigned)sk_X509_num(certs)); + "Bad number of certificates from PKCS7_get_PEM_certificates: " + "%" OPENSSL_PR_SIZE_T "\n", + sk_X509_num(certs)); return 0; } @@ -628,8 +631,9 @@ static int test_pem_crls(const char *pem) { if (sk_X509_CRL_num(crls) != 1) { fprintf(stderr, - "Bad number of CRLs from PKCS7_get_PEM_CRLs: %u\n", - (unsigned)sk_X509_CRL_num(crls)); + "Bad number of CRLs from PKCS7_get_PEM_CRLs: %" OPENSSL_PR_SIZE_T + "\n", + sk_X509_CRL_num(crls)); return 0; } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index e7f2103..2ed2f03 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -844,11 +844,10 @@ static int check_revocation(X509_STORE_CTX *ctx) } static int check_cert(X509_STORE_CTX *ctx) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { X509_CRL *crl = NULL, *dcrl = NULL; X509 *x; - int ok, cnum; + int ok = 0, cnum; unsigned int last_reasons; cnum = ctx->error_depth; x = sk_X509_value(ctx->chain, cnum); diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 47f256c..1549195 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -54,6 +54,8 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +#include <openssl/x509.h> + #include <limits.h> #include <openssl/asn1.h> @@ -64,7 +66,6 @@ #include <openssl/mem.h> #include <openssl/obj.h> #include <openssl/thread.h> -#include <openssl/x509.h> #include "../internal.h" diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index 7405e1e..66abca4 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -263,10 +263,9 @@ static int v3_check_generic(char **value) static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int gen_type, X509V3_CTX *ctx) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { unsigned char *ext_der = NULL; - long ext_len; + long ext_len = 0; ASN1_OBJECT *obj = NULL; ASN1_OCTET_STRING *oct = NULL; X509_EXTENSION *extension = NULL; |