Hi,
The attached patch fixes some warnings.
2 of them actually show up using gcc -Wall:
pkcs12.c:508: warning: 'chain2' may be used uninitialized in this function
s_socket.c:288: warning: 'accept_socket' may be used uninitialized in this
function
They're both cases where gcc can inline the function, and thinks
the variable might be used uninitialized in case of the error
path.
Most of the rest has to do with warnings about printf argument
usage. I've replaced things like:
static char fmt[] = "foo";
printf(fmt, ...);
with:
printf("foo", ...);
So that gcc can figure out how to check them.
I've also marked 2 more function for that format argument check,
like already done in bio.h.
There are 2 warnings left:
engine.c:255: warning: format not a string literal and no format arguments
engine.c:266: warning: format not a string literal and no format arguments
I think the rest of the changes should explain themself.
Kurt
Index: apps/ocsp.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/apps/ocsp.c,v
retrieving revision 1.34
diff -u -r1.34 ocsp.c
--- apps/ocsp.c 17 May 2004 19:05:32 -0000 1.34
+++ apps/ocsp.c 4 Feb 2006 19:49:51 -0000
@@ -1214,12 +1214,13 @@
static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
{
- char http_resp[] =
- "HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n"
- "Content-Length: %d\r\n\r\n";
if (!cbio)
return 0;
- BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
+ BIO_printf(cbio,
+ "HTTP/1.0 200 OK\r\n"
+ "Content-type: application/ocsp-response\r\n"
+ "Content-Length: %d\r\n\r\n",
+ i2d_OCSP_RESPONSE(resp, NULL));
i2d_OCSP_RESPONSE_bio(cbio, resp);
BIO_flush(cbio);
return 1;
Index: apps/pkcs12.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/apps/pkcs12.c,v
retrieving revision 1.80
diff -u -r1.80 pkcs12.c
--- apps/pkcs12.c 31 May 2005 17:36:06 -0000 1.80
+++ apps/pkcs12.c 4 Feb 2006 21:44:29 -0000
@@ -800,7 +800,7 @@
int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
{
X509_STORE_CTX store_ctx;
- STACK_OF(X509) *chn;
+ STACK_OF(X509) *chn = NULL;
int i;
/* FIXME: Should really check the return status of X509_STORE_CTX_init
@@ -813,8 +813,8 @@
}
chn = X509_STORE_CTX_get1_chain(&store_ctx);
i = 0;
- *chain = chn;
err:
+ *chain = chn;
X509_STORE_CTX_cleanup(&store_ctx);
return i;
Index: apps/s_socket.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/apps/s_socket.c,v
retrieving revision 1.38
diff -u -r1.38 s_socket.c
--- apps/s_socket.c 13 Jun 2005 03:23:49 -0000 1.38
+++ apps/s_socket.c 4 Feb 2006 21:45:56 -0000
@@ -323,7 +323,7 @@
{
int ret=0;
struct sockaddr_in server;
- int s= -1,i;
+ int s=INVALID_SOCKET,i;
if (!ssl_sock_init()) return(0);
@@ -363,9 +363,9 @@
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
i=0;
- *sock=s;
ret=1;
err:
+ *sock=s;
if ((ret == 0) && (s != -1))
{
SHUTDOWN(s);
Index: apps/s_time.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/apps/s_time.c,v
retrieving revision 1.33
diff -u -r1.33 s_time.c
--- apps/s_time.c 6 Nov 2005 11:40:59 -0000 1.33
+++ apps/s_time.c 4 Feb 2006 19:46:34 -0000
@@ -171,16 +171,6 @@
*/
static void s_time_usage(void)
{
- static char umsg[] = "\
--time arg - max number of seconds to collect data, default %d\n\
--verify arg - turn on peer certificate verification, arg == depth\n\
--cert arg - certificate file to use, PEM format assumed\n\
--key arg - RSA file to use, PEM format assumed, key is in cert file\n\
- file if not specified by this option\n\
--CApath arg - PEM format directory of CA's\n\
--CAfile arg - PEM format file of CA's\n\
--cipher - preferred cipher to use, play with 'openssl ciphers'\n\n";
-
printf( "usage: s_time <args>\n\n" );
printf("-connect host:port - host:port to connect to (default is
%s)\n",SSL_CONNECT_NAME);
@@ -193,7 +183,16 @@
printf("-reuse - Just time connection reuse\n");
printf("-www page - Retrieve 'page' from the site\n");
#endif
- printf( umsg,SECONDS );
+ printf(
+"-time arg - max number of seconds to collect data, default %d\n"
+"-verify arg - turn on peer certificate verification, arg == depth\n"
+"-cert arg - certificate file to use, PEM format assumed\n"
+"-key arg - RSA file to use, PEM format assumed, key is in cert file\n"
+" file if not specified by this option\n"
+"-CApath arg - PEM format directory of CA's\n"
+"-CAfile arg - PEM format file of CA's\n"
+"-cipher - preferred cipher to use, play with 'openssl ciphers'\n\n",
+ SECONDS );
}
/***********************************************************************
Index: crypto/cryptlib.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/crypto/cryptlib.c,v
retrieving revision 1.64
diff -u -r1.64 cryptlib.c
--- crypto/cryptlib.c 16 Dec 2005 17:39:56 -0000 1.64
+++ crypto/cryptlib.c 4 Feb 2006 18:21:06 -0000
@@ -548,9 +548,9 @@
#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) &&
!defined(I386_ONLY)
#define OPENSSL_CPUID_SETUP
+unsigned long OPENSSL_ia32_cpuid(void);
void OPENSSL_cpuid_setup(void)
{ static int trigger=0;
- unsigned long OPENSSL_ia32_cpuid(void);
char *env;
if (trigger) return;
Index: crypto/cryptlib.h
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/crypto/cryptlib.h,v
retrieving revision 1.20
diff -u -r1.20 cryptlib.h
--- crypto/cryptlib.h 21 May 2005 13:19:26 -0000 1.20
+++ crypto/cryptlib.h 4 Feb 2006 21:55:38 -0000
@@ -100,7 +100,15 @@
void OPENSSL_cpuid_setup(void);
extern unsigned long OPENSSL_ia32cap_P;
-void OPENSSL_showfatal(const char *,...);
+
+#ifdef __GNUC__
+# define __cryptlib_h__attr__ __attribute__
+#else
+# define __cryptlib_h__attr__(x)
+#endif
+
+void OPENSSL_showfatal(const char *,...) __cryptlib_h__attr__ ((format
(printf, 1, 2)));
+
void *OPENSSL_stderr(void);
extern int OPENSSL_NONPIC_relocated;
int OPENSSL_isservice(void);
Index: crypto/mem.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/crypto/mem.c,v
retrieving revision 1.36
diff -u -r1.36 mem.c
--- crypto/mem.c 1 Dec 2003 12:06:15 -0000 1.36
+++ crypto/mem.c 4 Feb 2006 18:23:20 -0000
@@ -121,6 +121,7 @@
static long (*get_debug_options_func)(void) = NULL;
#endif
+extern unsigned char cleanse_ctr;
int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t),
void (*f)(void *))
@@ -250,7 +251,6 @@
void *CRYPTO_malloc_locked(int num, const char *file, int line)
{
void *ret = NULL;
- extern unsigned char cleanse_ctr;
if (num <= 0) return NULL;
@@ -291,7 +291,6 @@
void *CRYPTO_malloc(int num, const char *file, int line)
{
void *ret = NULL;
- extern unsigned char cleanse_ctr;
if (num <= 0) return NULL;
Index: crypto/bn/asm/x86_64-gcc.c
===================================================================
RCS file:
/home/kurt/openssl/cvs/openssl-cvs/openssl/crypto/bn/asm/x86_64-gcc.c,v
retrieving revision 1.4
diff -u -r1.4 x86_64-gcc.c
--- crypto/bn/asm/x86_64-gcc.c 3 Apr 2005 18:53:29 -0000 1.4
+++ crypto/bn/asm/x86_64-gcc.c 4 Feb 2006 19:32:03 -0000
@@ -51,13 +51,17 @@
* machine.
*/
-#define BN_ULONG unsigned long
+#include <openssl/bn.h>
+#include "../bn_lcl.h"
/*
* "m"(a), "+m"(r) is the way to favor DirectPath ยต-code;
* "g"(0) let the compiler to decide where does it
* want to keep the value of zero;
*/
+#ifdef mul_add
+#undef mul_add
+#endif
#define mul_add(r,a,word,carry) do { \
register BN_ULONG high,low; \
asm ("mulq %3" \
@@ -75,6 +79,9 @@
carry=high; \
} while (0)
+#ifdef mul
+#undef mul
+#endif
#define mul(r,a,word,carry) do { \
register BN_ULONG high,low; \
asm ("mulq %3" \
@@ -88,13 +95,16 @@
(r)=carry, carry=high; \
} while (0)
+#ifdef sqr
+#undef sqr
+#endif
#define sqr(r0,r1,a) \
asm ("mulq %2" \
: "=a"(r0),"=d"(r1) \
: "a"(a) \
: "cc");
-BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG
w)
{
BN_ULONG c1=0;
@@ -118,7 +128,7 @@
return(c1);
}
-BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
{
BN_ULONG c1=0;
@@ -141,7 +151,7 @@
return(c1);
}
-void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
+void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
{
if (n <= 0) return;
@@ -172,7 +182,7 @@
return ret;
}
-BN_ULONG bn_add_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
+BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG
*bp,int n)
{ BN_ULONG ret=0,i=0;
if (n <= 0) return 0;
@@ -195,7 +205,7 @@
}
#ifndef SIMICS
-BN_ULONG bn_sub_words (BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int n)
+BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG
*bp,int n)
{ BN_ULONG ret=0,i=0;
if (n <= 0) return 0;
@@ -482,7 +492,7 @@
r[7]=c2;
}
-void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
{
BN_ULONG t1,t2;
BN_ULONG c1,c2,c3;
@@ -558,7 +568,7 @@
r[15]=c1;
}
-void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
{
BN_ULONG t1,t2;
BN_ULONG c1,c2,c3;
Index: crypto/engine/engine.h
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/crypto/engine/engine.h,v
retrieving revision 1.59
diff -u -r1.59 engine.h
--- crypto/engine/engine.h 6 Nov 2005 17:58:25 -0000 1.59
+++ crypto/engine/engine.h 4 Feb 2006 22:19:20 -0000
@@ -636,6 +636,7 @@
* be implemented with the symbol name "v_check", and a default implementation
* can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */
typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version);
+unsigned long v_check(unsigned long v);
#define IMPLEMENT_DYNAMIC_CHECK_FN() \
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
@@ -658,6 +659,7 @@
* [static] int fn(ENGINE *e, const char *id); */
typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id,
const dynamic_fns *fns);
+int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
OPENSSL_EXPORT \
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
Index: crypto/ocsp/ocsp_ht.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/crypto/ocsp/ocsp_ht.c,v
retrieving revision 1.6
diff -u -r1.6 ocsp_ht.c
--- crypto/ocsp/ocsp_ht.c 14 Mar 2003 23:38:34 -0000 1.6
+++ crypto/ocsp/ocsp_ht.c 4 Feb 2006 19:56:56 -0000
@@ -81,13 +81,13 @@
OCSP_RESPONSE *resp = NULL;
char *p, *q, *r;
int len, retcode;
- static char req_txt[] =
-"POST %s HTTP/1.0\r\n\
-Content-Type: application/ocsp-request\r\n\
-Content-Length: %d\r\n\r\n";
len = i2d_OCSP_REQUEST(req, NULL);
- if(BIO_printf(b, req_txt, path, len) < 0) {
+ if(BIO_printf(b,
+ "POST %s HTTP/1.0\r\n"
+ "Content-Type: application/ocsp-request\r\n"
+ "Content-Length: %d\r\n\r\n",
+ path, len) < 0) {
OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);
goto err;
}
Index: ssl/ssl_ciph.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/ssl/ssl_ciph.c,v
retrieving revision 1.54
diff -u -r1.54 ssl_ciph.c
--- ssl/ssl_ciph.c 30 Sep 2005 23:35:33 -0000 1.54
+++ ssl/ssl_ciph.c 4 Feb 2006 19:42:32 -0000
@@ -939,11 +939,6 @@
const char *ver,*exp_str;
const char *kx,*au,*enc,*mac;
unsigned long alg,alg2,alg_s;
-#ifdef KSSL_DEBUG
- static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s
AL=%lx\n";
-#else
- static const char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s
Mac=%-4s%s\n";
-#endif /* KSSL_DEBUG */
alg=cipher->algorithms;
alg_s=cipher->algo_strength;
@@ -1078,9 +1073,13 @@
return("Buffer too small");
#ifdef KSSL_DEBUG
- BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str,alg);
+ BIO_snprintf(buf,len,
+ "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx\n",
+ cipher->name,ver,kx,au,enc,mac,exp_str,alg);
#else
- BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp_str);
+ BIO_snprintf(buf,len,
+ "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n",
+ cipher->name,ver,kx,au,enc,mac,exp_str);
#endif /* KSSL_DEBUG */
return(buf);
}
Index: ssl/ssltest.c
===================================================================
RCS file: /home/kurt/openssl/cvs/openssl-cvs/openssl/ssl/ssltest.c,v
retrieving revision 1.104
diff -u -r1.104 ssltest.c
--- ssl/ssltest.c 15 Jan 2006 17:35:28 -0000 1.104
+++ ssl/ssltest.c 4 Feb 2006 21:56:34 -0000
@@ -1760,6 +1760,10 @@
return(ok);
}
+#ifdef __GNUC__
+static void process_proxy_debug(int indent, const char *format, ...)
+ __attribute__ ((format (printf, 2, 3)));
+#endif
static void process_proxy_debug(int indent, const char *format, ...)
{
static const char indentation[] =
