3df51e185e
- Update to 2.26.0: * * This release of Mbed TLS provides bug fixes, minor enhancements and new features. This release includes fixes for security issues. * see https://github.com/ARMmbed/mbedtls/releases/tag/v2.26.0 - Fix build with patch from https://github.com/ARMmbed/mbedtls/pull/4237 OBS-URL: https://build.opensuse.org/request/show/880551 OBS-URL: https://build.opensuse.org/package/show/security:tls/mbedtls?expand=0&rev=26
151 lines
5.7 KiB
Diff
151 lines
5.7 KiB
Diff
From 29b641688d038143a193c69eac4d6e8eacc934d8 Mon Sep 17 00:00:00 2001
|
|
From: Paul Elliott <paul.elliott@arm.com>
|
|
Date: Wed, 17 Mar 2021 13:02:02 +0000
|
|
Subject: [PATCH 1/2] Fix printf format issue in programs
|
|
|
|
Fix issues that were missed as part of previous printf attribute
|
|
cleanup
|
|
|
|
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
|
|
---
|
|
programs/random/gen_random_havege.c | 2 +-
|
|
programs/ssl/ssl_pthread_server.c | 22 ++++++++++++----------
|
|
2 files changed, 13 insertions(+), 11 deletions(-)
|
|
|
|
diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c
|
|
index ccca7f3d470..e82e62769e8 100644
|
|
--- a/programs/random/gen_random_havege.c
|
|
+++ b/programs/random/gen_random_havege.c
|
|
@@ -81,7 +81,7 @@ int main( int argc, char *argv[] )
|
|
if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 )
|
|
{
|
|
mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X",
|
|
- -ret );
|
|
+ ( unsigned int ) -ret );
|
|
goto exit;
|
|
}
|
|
|
|
diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c
|
|
index c8ab21522ed..c4c6ef1037b 100644
|
|
--- a/programs/ssl/ssl_pthread_server.c
|
|
+++ b/programs/ssl/ssl_pthread_server.c
|
|
@@ -142,7 +142,7 @@ static void *handle_ssl_connection( void *data )
|
|
if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 )
|
|
{
|
|
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n",
|
|
- thread_id, -ret );
|
|
+ thread_id, ( unsigned int ) -ret );
|
|
goto thread_exit;
|
|
}
|
|
|
|
@@ -158,7 +158,7 @@ static void *handle_ssl_connection( void *data )
|
|
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
|
{
|
|
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n",
|
|
- thread_id, -ret );
|
|
+ thread_id, ( unsigned int ) -ret );
|
|
goto thread_exit;
|
|
}
|
|
}
|
|
@@ -195,7 +195,7 @@ static void *handle_ssl_connection( void *data )
|
|
|
|
default:
|
|
mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n",
|
|
- thread_id, -ret );
|
|
+ thread_id, ( unsigned int ) -ret );
|
|
goto thread_exit;
|
|
}
|
|
}
|
|
@@ -229,7 +229,7 @@ static void *handle_ssl_connection( void *data )
|
|
if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
|
{
|
|
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n",
|
|
- thread_id, ret );
|
|
+ thread_id, ( unsigned int ) ret );
|
|
goto thread_exit;
|
|
}
|
|
}
|
|
@@ -246,7 +246,7 @@ static void *handle_ssl_connection( void *data )
|
|
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
|
{
|
|
mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n",
|
|
- thread_id, ret );
|
|
+ thread_id, ( unsigned int ) ret );
|
|
goto thread_exit;
|
|
}
|
|
}
|
|
@@ -263,7 +263,7 @@ static void *handle_ssl_connection( void *data )
|
|
char error_buf[100];
|
|
mbedtls_strerror( ret, error_buf, 100 );
|
|
mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n",
|
|
- thread_id, -ret, error_buf );
|
|
+ thread_id, ( unsigned int ) -ret, error_buf );
|
|
}
|
|
#endif
|
|
|
|
@@ -408,7 +408,7 @@ int main( void )
|
|
strlen( pers ) ) ) != 0 )
|
|
{
|
|
mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
|
|
- -ret );
|
|
+ ( unsigned int ) -ret );
|
|
goto exit;
|
|
}
|
|
|
|
@@ -425,7 +425,7 @@ int main( void )
|
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
|
{
|
|
mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
|
|
- -ret );
|
|
+ ( unsigned int ) -ret );
|
|
goto exit;
|
|
}
|
|
|
|
@@ -470,7 +470,8 @@ int main( void )
|
|
{
|
|
char error_buf[100];
|
|
mbedtls_strerror( ret, error_buf, 100 );
|
|
- mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf );
|
|
+ mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", ( unsigned int ) -ret,
|
|
+ error_buf );
|
|
}
|
|
#endif
|
|
|
|
@@ -482,7 +483,8 @@ int main( void )
|
|
if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd,
|
|
NULL, 0, NULL ) ) != 0 )
|
|
{
|
|
- mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret );
|
|
+ mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n",
|
|
+ ( unsigned int ) ret );
|
|
goto exit;
|
|
}
|
|
|
|
|
|
From 2065a8d8af27c6cb1e40c9462b5933336dca7434 Mon Sep 17 00:00:00 2001
|
|
From: Paul Elliott <paul.elliott@arm.com>
|
|
Date: Wed, 17 Mar 2021 13:12:22 +0000
|
|
Subject: [PATCH 2/2] Reduce level of -Wformat-truncation
|
|
|
|
Reduce level of format truncation warnings due to issues with false
|
|
positives (an unknown size buffer is always treated as size 1)
|
|
|
|
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
|
|
---
|
|
CMakeLists.txt | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
|
index 2ab2e01ebf0..14ca7b69625 100644
|
|
--- a/CMakeLists.txt
|
|
+++ b/CMakeLists.txt
|
|
@@ -198,7 +198,7 @@ if(CMAKE_COMPILER_IS_GNU)
|
|
endif()
|
|
endif()
|
|
if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0)
|
|
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation=2")
|
|
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation")
|
|
endif()
|
|
set(CMAKE_C_FLAGS_RELEASE "-O2")
|
|
set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
|