Google Git
Sign in
boringssl / boringssl.git / 94089a8b5367fb472660d201efb349415151c953^! / .
commit94089a8b5367fb472660d201efb349415151c953[log] [tgz]
authorDavid Benjamin <davidben@google.com>Wed Dec 15 12:54:27 2021 -0500
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Thu Dec 16 15:35:04 2021 +0000
treec762b4bac5739823fb62967fa805adc8ca4aa490
parent866b88dfe72f70095b7cde71f72d99f4f684abd8 [diff]
Silence -Wformat-signedness when printing X.509 versions.

This fix isn't ideal, given the current space of possible version
values. But rather than make the printing code complicated, we should
make invalid versions impossible. I've left TODOs where that would be
needed.

Bug: 467, 450
Change-Id: I6c9ae97b8454182b0c1ab6ba2e070dc6d7d8b3f4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/50767
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

diff --git a/crypto/x509/t_crl.c b/crypto/x509/t_crl.c
index 4317a3a..d9fd16a 100644
--- a/crypto/x509/t_crl.c
+++ b/crypto/x509/t_crl.c

@@ -83,7 +83,10 @@
 
     BIO_printf(out, "Certificate Revocation List (CRL):\n");
     l = X509_CRL_get_version(x);
-    BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
+    // TODO(https://crbug.com/boringssl/467): This loses information on some
+    // invalid versions, but we should fix this by making invalid versions
+    // impossible.
+    BIO_printf(out, "%8sVersion %ld (0x%lx)\n", "", l + 1, (unsigned long)l);
     const X509_ALGOR *sig_alg;
     const ASN1_BIT_STRING *signature;
     X509_CRL_get0_signature(x, &signature, &sig_alg);

diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c
index 8202664..92ded49 100644
--- a/crypto/x509/t_req.c
+++ b/crypto/x509/t_req.c

@@ -103,8 +103,12 @@
     }
   }
   if (!(cflag & X509_FLAG_NO_VERSION)) {
+    /* TODO(https://crbug.com/boringssl/467): This loses information on some
+     * invalid versions, but we should fix this by making invalid versions
+     * impossible. */
     l = X509_REQ_get_version(x);
-    if (BIO_printf(bio, "%8sVersion: %ld (0x%lx)\n", "", l + 1, l) <= 0) {
+    if (BIO_printf(bio, "%8sVersion: %ld (0x%lx)\n", "", l + 1,
+                   (unsigned long)l) <= 0) {
       goto err;
     }
   }

diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
index 486c4ec..10a7cad 100644
--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c

@@ -119,9 +119,14 @@
             goto err;
     }
     if (!(cflag & X509_FLAG_NO_VERSION)) {
+        /* TODO(https://crbug.com/boringssl/467): This loses information on some
+         * invalid versions, but we should fix this by making invalid versions
+         * impossible. */
         l = X509_get_version(x);
-        if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
+        if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1,
+                       (unsigned long)l) <= 0) {
             goto err;
+        }
     }
     if (!(cflag & X509_FLAG_NO_SERIAL)) {
         if (BIO_write(bp, "        Serial Number:", 22) <= 0) {

diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index 93bb6a3..5cbd00d 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c

@@ -74,7 +74,7 @@
 
 int X509_set_version(X509 *x, long version)
 {
-    // TODO(davidben): Reject invalid version numbers.
+    // TODO(https://crbug.com/boringssl/467): Reject invalid version numbers.
     if (x == NULL)
         return (0);
     if (version == 0) {

diff --git a/crypto/x509/x509cset.c b/crypto/x509/x509cset.c
index 316f084..de32e30 100644
--- a/crypto/x509/x509cset.c
+++ b/crypto/x509/x509cset.c

@@ -64,6 +64,9 @@
 
 int X509_CRL_set_version(X509_CRL *x, long version)
 {
+    /* TODO(https://crbug.com/boringssl/467): Reject invalid version
+     * numbers. Also correctly handle |X509_CRL_VERSION_1|, which should omit
+     * the encoding. */
     if (x == NULL)
         return (0);
     if (x->crl->version == NULL) {

diff --git a/crypto/x509/x509rset.c b/crypto/x509/x509rset.c
index 72b4148..5526b23 100644
--- a/crypto/x509/x509rset.c
+++ b/crypto/x509/x509rset.c

@@ -64,6 +64,8 @@
 
 int X509_REQ_set_version(X509_REQ *x, long version)
 {
+    /* TODO(https://crbug.com/boringssl/467): Reject invalid version
+     * numbers. */
     if (x == NULL)
         return (0);
     return (ASN1_INTEGER_set(x->req_info->version, version));

diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index 0d419ac..f010849 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c

@@ -127,7 +127,10 @@
          * affect the output of X509_CRL_print().
          */
     case ASN1_OP_D2I_POST:
-        /* TODO(davidben): Check that default |versions| are never encoded and
+        /* TODO(https://crbug.com/boringssl/467): Reject invalid version
+         * numbers.
+         *
+         * TODO(davidben): Check that default |versions| are never encoded and
          * that |extensions| is only present in v2. */
 
         (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);

diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c
index 0e9dce1..590f84d 100644
--- a/crypto/x509/x_req.c
+++ b/crypto/x509/x_req.c

@@ -82,6 +82,9 @@
         if (!rinf->attributes)
             return 0;
     }
+
+    /* TODO(https://crbug.com/boringssl/467): Add an |ASN1_OP_D2I_POST| callback
+     * and check the version. */
     return 1;
 }