From e32666a0ab72855ade16a428f3f70c34c6a08584 Mon Sep 17 00:00:00 2001 From: Joost Rijneveld Date: Wed, 24 Apr 2019 12:35:17 +0200 Subject: [PATCH] Throw errors when using variable-length arrays Windows already complains about this in CI, but this will let us catch these issues on Linux as well. --- README.md | 2 +- crypto_kem/frodokem1344aes/clean/Makefile | 2 +- crypto_kem/frodokem1344shake/clean/Makefile | 2 +- crypto_kem/frodokem640aes/clean/Makefile | 2 +- crypto_kem/frodokem640shake/clean/Makefile | 2 +- crypto_kem/frodokem976aes/clean/Makefile | 2 +- crypto_kem/frodokem976shake/clean/Makefile | 2 +- crypto_kem/kyber768/clean/Makefile | 2 +- crypto_kem/ntruhps2048509/clean/Makefile | 2 +- crypto_sign/sphincs-shake256-128f-simple/clean/Makefile | 2 +- test/Makefile | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 292a7e40..225de5b3 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ _The checking of items on this list is still being developed. Checked items shou * [x] No errors/warnings reported by address sanitizer * [x] Only dependencies: `fips202.c`, `sha2.c`, `aes.c`, `randombytes.c` * [x] API functions return `0` on success -* [x] No dynamic memory allocations +* [x] No dynamic memory allocations (including variable-length arrays) * [ ] No branching on secret data (dynamically checked using valgrind) * [ ] No access to secret memory locations (dynamically checked using valgrind) * [x] Separate subdirectories (without symlinks) for each parameter set of each scheme diff --git a/crypto_kem/frodokem1344aes/clean/Makefile b/crypto_kem/frodokem1344aes/clean/Makefile index 47ca6add..d3607215 100644 --- a/crypto_kem/frodokem1344aes/clean/Makefile +++ b/crypto_kem/frodokem1344aes/clean/Makefile @@ -4,7 +4,7 @@ LIB=libfrodokem1344aes_clean.a HEADERS=api.h params.h common.h OBJECTS=kem.o matrix_aes.o noise.o util.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/frodokem1344shake/clean/Makefile b/crypto_kem/frodokem1344shake/clean/Makefile index d8388faf..0443acb1 100644 --- a/crypto_kem/frodokem1344shake/clean/Makefile +++ b/crypto_kem/frodokem1344shake/clean/Makefile @@ -4,7 +4,7 @@ LIB=libfrodokem1344shake_clean.a HEADERS=api.h params.h common.h OBJECTS=kem.o matrix_shake.o noise.o util.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/frodokem640aes/clean/Makefile b/crypto_kem/frodokem640aes/clean/Makefile index f1600fb8..74fbe8ef 100644 --- a/crypto_kem/frodokem640aes/clean/Makefile +++ b/crypto_kem/frodokem640aes/clean/Makefile @@ -4,7 +4,7 @@ LIB=libfrodokem640aes_clean.a HEADERS=api.h params.h common.h OBJECTS=kem.o matrix_aes.o noise.o util.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/frodokem640shake/clean/Makefile b/crypto_kem/frodokem640shake/clean/Makefile index 285969d0..548ddfc8 100644 --- a/crypto_kem/frodokem640shake/clean/Makefile +++ b/crypto_kem/frodokem640shake/clean/Makefile @@ -4,7 +4,7 @@ LIB=libfrodokem640shake_clean.a HEADERS=api.h params.h common.h OBJECTS=kem.o matrix_shake.o noise.o util.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/frodokem976aes/clean/Makefile b/crypto_kem/frodokem976aes/clean/Makefile index e7cd8364..bd6cfa44 100644 --- a/crypto_kem/frodokem976aes/clean/Makefile +++ b/crypto_kem/frodokem976aes/clean/Makefile @@ -4,7 +4,7 @@ LIB=libfrodokem976aes_clean.a HEADERS=api.h params.h common.h OBJECTS=kem.o matrix_aes.o noise.o util.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/frodokem976shake/clean/Makefile b/crypto_kem/frodokem976shake/clean/Makefile index ba8cdd69..ef05e369 100644 --- a/crypto_kem/frodokem976shake/clean/Makefile +++ b/crypto_kem/frodokem976shake/clean/Makefile @@ -4,7 +4,7 @@ LIB=libfrodokem976shake_clean.a HEADERS=api.h params.h common.h OBJECTS=kem.o matrix_shake.o noise.o util.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/kyber768/clean/Makefile b/crypto_kem/kyber768/clean/Makefile index 6233fa63..11665601 100644 --- a/crypto_kem/kyber768/clean/Makefile +++ b/crypto_kem/kyber768/clean/Makefile @@ -4,7 +4,7 @@ LIB=libkyber768_clean.a HEADERS=api.h cbd.h indcpa.h ntt.h params.h poly.h polyvec.h reduce.h verify.h OBJECTS=cbd.o indcpa.o kem.o ntt.o poly.o polyvec.o precomp.o reduce.o verify.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_kem/ntruhps2048509/clean/Makefile b/crypto_kem/ntruhps2048509/clean/Makefile index 0aa70930..8780e77c 100644 --- a/crypto_kem/ntruhps2048509/clean/Makefile +++ b/crypto_kem/ntruhps2048509/clean/Makefile @@ -4,7 +4,7 @@ LIB=libntruhps2048509_clean.a HEADERS=api.h crypto_sort.h owcpa.h params.h poly.h sample.h verify.h OBJECTS=crypto_sort.o kem.o owcpa.o pack3.o packq.o poly.o sample.o verify.o -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/crypto_sign/sphincs-shake256-128f-simple/clean/Makefile b/crypto_sign/sphincs-shake256-128f-simple/clean/Makefile index 0ff4dcbc..a53ff5e6 100644 --- a/crypto_sign/sphincs-shake256-128f-simple/clean/Makefile +++ b/crypto_sign/sphincs-shake256-128f-simple/clean/Makefile @@ -5,7 +5,7 @@ LIB=libsphincs-shake256-128f-simple_clean.a HEADERS = params.h address.h wots.h utils.h fors.h api.h hash.h thash.h OBJECTS = address.o wots.o utils.o fors.o sign.o hash_shake256.o thash_shake256_simple.o -CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) +CFLAGS=-O3 -Wall -Wconversion -Wextra -Wpedantic -Werror=vla -Werror -Wmissing-prototypes -std=c99 -I../../../common $(EXTRAFLAGS) all: $(LIB) diff --git a/test/Makefile b/test/Makefile index 30a0af29..0f063a23 100644 --- a/test/Makefile +++ b/test/Makefile @@ -15,7 +15,7 @@ COMMON_HEADERS=$(COMMON_DIR)/*.h DEST_DIR=../bin # This -Wall was supported by the European Commission through the ERC Starting Grant 805031 (EPOQUE) -CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror -std=c99 \ +CFLAGS=-O3 -Wall -Wextra -Wpedantic -Werror=vla -Werror -std=c99 \ -Wundef -Wshadow -Wcast-align -Wpointer-arith -Wmissing-prototypes\ -fstrict-aliasing -fno-common -pipe \ -I$(COMMON_DIR) $(EXTRAFLAGS)