From f64c373784370ad4f9f4fadf171dff8f5547097c Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 8 May 2018 15:04:35 -0700 Subject: [PATCH] Fix build with GCC 4.9.2 and -Wtype-limits. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit gRPC builds on Debian Jessie, which has GCC 4.9.2, and builds with -Wtype-limits, which makes it warn about code intended for 64-bit systems when building on 32-bit systems. We have tried to avoid these issues with Clang previously by guarding with “sizeof(size_t) > 4”, but this version of GCC isn't smart enough to figure that out. Change-Id: I800ceb3891436fa7c81474ede4b8656021568357 Reviewed-on: https://boringssl-review.googlesource.com/28247 Reviewed-by: David Benjamin Commit-Queue: David Benjamin CQ-Verified: CQ bot account: commit-bot@chromium.org --- crypto/fipsmodule/modes/ccm.c | 4 +--- ssl/d1_both.cc | 16 +++++++++++++++- ssl/s3_both.cc | 4 ++-- 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/crypto/fipsmodule/modes/ccm.c b/crypto/fipsmodule/modes/ccm.c index deff6791..784e4fa2 100644 --- a/crypto/fipsmodule/modes/ccm.c +++ b/crypto/fipsmodule/modes/ccm.c @@ -158,9 +158,7 @@ static int ccm128_init_state(const CCM128_CONTEXT *ctx, size_t remaining_blocks = 2 * ((plaintext_len + 15) / 16) + 1; if (plaintext_len + 15 < plaintext_len || remaining_blocks + blocks < blocks || - // Silence Clang's unhelpful -Wtautological-constant-out-of-range-compare - // warning. - (sizeof(size_t) > 4 && remaining_blocks + blocks > UINT64_C(1) << 61)) { + (uint64_t) remaining_blocks + blocks > UINT64_C(1) << 61) { return 0; } diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc index d29af784..31c83c60 100644 --- a/ssl/d1_both.cc +++ b/ssl/d1_both.cc @@ -536,6 +536,20 @@ bool dtls1_finish_message(SSL *ssl, CBB *cbb, Array *out_msg) { return true; } +// ssl_size_t_greater_than_32_bits returns whether |v| exceeds the bounds of a +// 32-bit value. The obvious thing doesn't work because, in some 32-bit build +// configurations, the compiler warns that the test is always false and breaks +// the build. +static bool ssl_size_t_greater_than_32_bits(size_t v) { +#if defined(OPENSSL_64_BIT) + return v > 0xffffffff; +#elif defined(OPENSSL_32_BIT) + return false; +#else +#error "Building for neither 32- nor 64-bits." +#endif +} + // add_outgoing adds a new handshake message or ChangeCipherSpec to the current // outgoing flight. It returns true on success and false on error. static bool add_outgoing(SSL *ssl, bool is_ccs, Array data) { @@ -550,7 +564,7 @@ static bool add_outgoing(SSL *ssl, bool is_ccs, Array data) { (1 << 8 * sizeof(ssl->d1->outgoing_messages_len)), "outgoing_messages_len is too small"); if (ssl->d1->outgoing_messages_len >= SSL_MAX_HANDSHAKE_FLIGHT || - static_cast(data.size()) > 0xffffffff) { + ssl_size_t_greater_than_32_bits(data.size())) { assert(false); OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return false; diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc index afc68ca1..9d1218cc 100644 --- a/ssl/s3_both.cc +++ b/ssl/s3_both.cc @@ -238,8 +238,8 @@ int ssl3_flush_flight(SSL *ssl) { return -1; } - if (static_cast(ssl->s3->pending_flight->length) > 0xffffffff || - ssl->s3->pending_flight->length > INT_MAX) { + static_assert(INT_MAX <= 0xffffffff, "int is larger than 32 bits"); + if (ssl->s3->pending_flight->length > INT_MAX) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return -1; }