Fix build when using Visual Studio 2015 Update 1. Many of the compatibility issues are described at https://msdn.microsoft.com/en-us/library/mt612856.aspx. The macros that suppressed warnings on a per-function basis no longer work in Update 1, so replace them with #pragmas. Update 1 warns when |size_t| arguments to |printf| are casted, so stop doing that casting. Unfortunately, this requires an ugly hack to continue working in MSVC 2013 as MSVC 2013 doesn't support "%zu". Finally, Update 1 has new warnings, some of which need to be suppressed. --- Updated by davidben to give up on suppressing warnings in crypto/x509 and crypto/x509v3 as those directories aren't changed much from upstream. In each of these cases, upstream opted just blindly initialize the variable, so do the same. Also switch C4265 to level 4, per Microsoft's recommendation and work around a bug in limits.h that happens to get fixed by Google include order style. (limits.h is sensitive to whether corecrt.h, pulled in by stddef.h and some other headers, is included before it. The reason it affected just one file is we often put the file's header first, which means base.h is pulling in stddef.h. Relying on this is ugly, but it's no worse than what everything else is doing and this doesn't seem worth making something as tame as limits.h so messy to use.) Change-Id: I02d1f935356899f424d3525d03eca401bfa3e6cd Reviewed-on: https://boringssl-review.googlesource.com/7480 Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 31afe0b..40d575d 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c
@@ -706,7 +706,6 @@ const unsigned char **in, long inlen, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { int ret = 0, utype; long plen;
diff --git a/crypto/cipher/e_aes.c b/crypto/cipher/e_aes.c index a0087d8..1412be1 100644 --- a/crypto/cipher/e_aes.c +++ b/crypto/cipher/e_aes.c
@@ -67,6 +67,10 @@ #endif +#if defined(_MSC_VER) +#pragma warning(disable: 4702) /* Unreachable code. */ +#endif + typedef struct { union { double align; @@ -272,8 +276,7 @@ #endif static int aes_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key, - const uint8_t *iv, int enc) - OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS { + const uint8_t *iv, int enc) { int ret, mode; EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; @@ -394,8 +397,7 @@ static ctr128_f aes_ctr_set_key(AES_KEY *aes_key, GCM128_CONTEXT *gcm_ctx, block128_f *out_block, const uint8_t *key, - size_t key_len) - OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS { + size_t key_len) { if (aesni_capable()) { aesni_set_encrypt_key(key, key_len * 8, aes_key); if (gcm_ctx != NULL) {
diff --git a/crypto/hkdf/hkdf_test.c b/crypto/hkdf/hkdf_test.c index a4abf1c..b11061a 100644 --- a/crypto/hkdf/hkdf_test.c +++ b/crypto/hkdf/hkdf_test.c
@@ -20,6 +20,8 @@ #include <openssl/err.h> #include <openssl/hkdf.h> +#include "../test/test_util.h" + typedef struct { const EVP_MD *(*md_func)(void); @@ -226,8 +228,9 @@ return 1; } if (memcmp(buf, test->out, test->out_len) != 0) { - fprintf(stderr, "%u: Resulting key material does not match test vector\n", - (unsigned)i); + fprintf(stderr, "%" OPENSSL_PR_SIZE_T + ": Resulting key material does not match test vector\n", + i); return 1; } }
diff --git a/crypto/internal.h b/crypto/internal.h index 2229e19..61f6100 100644 --- a/crypto/internal.h +++ b/crypto/internal.h
@@ -135,48 +135,6 @@ #endif -/* MSVC's C4701 warning about the use of *potentially*--as opposed to - * *definitely*--uninitialized values sometimes has false positives. Usually - * the false positives can and should be worked around by simplifying the - * control flow. When that is not practical, annotate the function containing - * the code that triggers the warning with - * OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS after its parameters: - * - * void f() OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { - * ... - * } - * - * Note that MSVC's control flow analysis seems to operate on a whole-function - * basis, so the annotation must be placed on the entire function, not just a - * block within the function. */ -#if defined(_MSC_VER) -#define OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS \ - __pragma(warning(suppress:4701)) -#else -#define OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS -#endif - -/* MSVC will sometimes correctly detect unreachable code and issue a warning, - * which breaks the build since we treat errors as warnings, in some rare cases - * where we want to allow the dead code to continue to exist. In these - * situations, annotate the function containing the unreachable code with - * OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS after its parameters: - * - * void f() OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS { - * ... - * } - * - * Note that MSVC's reachability analysis seems to operate on a whole-function - * basis, so the annotation must be placed on the entire function, not just a - * block within the function. */ -#if defined(_MSC_VER) -#define OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS \ - __pragma(warning(suppress:4702)) -#else -#define OPENSSL_SUPPRESS_UNREACHABLE_CODE_WARNINGS -#endif - - #if defined(OPENSSL_X86) || defined(OPENSSL_X86_64) || defined(OPENSSL_ARM) || \ defined(OPENSSL_AARCH64) /* OPENSSL_cpuid_setup initializes OPENSSL_ia32cap_P. */
diff --git a/crypto/modes/gcm_test.c b/crypto/modes/gcm_test.c index e543348..56639e6 100644 --- a/crypto/modes/gcm_test.c +++ b/crypto/modes/gcm_test.c
@@ -282,8 +282,10 @@ uint8_t v, v2; if (!from_hex(&v, in[i]) || !from_hex(&v2, in[i+1])) { - fprintf(stderr, "%u: invalid hex digit in %s around offset %u.\n", - test_num, description, (unsigned)i); + fprintf(stderr, + "%u: invalid hex digit in %s around offset %" OPENSSL_PR_SIZE_T + ".\n", + test_num, description, i); goto err; } buf[i/2] = (v << 4) | v2;
diff --git a/crypto/test/test_util.h b/crypto/test/test_util.h index 972e206..89e70c6 100644 --- a/crypto/test/test_util.h +++ b/crypto/test/test_util.h
@@ -28,6 +28,14 @@ void hexdump(FILE *fp, const char *msg, const void *in, size_t len); +#if defined(_MSC_VER) && _MSC_VER < 1900 +/* https://msdn.microsoft.com/en-us/library/tcxf1dw6(v=vs.120).aspx */ +#define OPENSSL_PR_SIZE_T "Iu" +#else +#define OPENSSL_PR_SIZE_T "zu" +#endif + + #if defined(__cplusplus) } #endif
diff --git a/crypto/x509/asn1_gen.c b/crypto/x509/asn1_gen.c index 0660840..03a0ab9 100644 --- a/crypto/x509/asn1_gen.c +++ b/crypto/x509/asn1_gen.c
@@ -142,7 +142,6 @@ } ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { ASN1_TYPE *ret; tag_exp_arg asn1_tags; @@ -155,7 +154,7 @@ unsigned char *p; const unsigned char *cp; int cpy_len; - long hdr_len; + long hdr_len = 0; int hdr_constructed = 0, hdr_tag, hdr_class; int r;
diff --git a/crypto/x509/pkcs7_test.c b/crypto/x509/pkcs7_test.c index 7e76322..2dfeb5e 100644 --- a/crypto/x509/pkcs7_test.c +++ b/crypto/x509/pkcs7_test.c
@@ -22,6 +22,8 @@ #include <openssl/stack.h> #include <openssl/x509.h> +#include "../test/test_util.h" + /* kPKCS7NSS contains the certificate chain of mail.google.com, as saved by NSS * using the Chrome UI. */ @@ -504,7 +506,7 @@ X509 *b = sk_X509_value(certs2, i); if (X509_cmp(a, b) != 0) { - fprintf(stderr, "Certificate %u differs.\n", (unsigned) i); + fprintf(stderr, "Certificate %" OPENSSL_PR_SIZE_T " differs.\n", i); return 0; } } @@ -568,7 +570,7 @@ X509_CRL *b = sk_X509_CRL_value(crls2, i); if (X509_CRL_cmp(a, b) != 0) { - fprintf(stderr, "CRL %u differs.\n", (unsigned) i); + fprintf(stderr, "CRL %" OPENSSL_PR_SIZE_T " differs.\n", i); return 0; } } @@ -606,8 +608,9 @@ if (sk_X509_num(certs) != 1) { fprintf(stderr, - "Bad number of certificates from PKCS7_get_PEM_certificates: %u\n", - (unsigned)sk_X509_num(certs)); + "Bad number of certificates from PKCS7_get_PEM_certificates: " + "%" OPENSSL_PR_SIZE_T "\n", + sk_X509_num(certs)); return 0; } @@ -628,8 +631,9 @@ if (sk_X509_CRL_num(crls) != 1) { fprintf(stderr, - "Bad number of CRLs from PKCS7_get_PEM_CRLs: %u\n", - (unsigned)sk_X509_CRL_num(crls)); + "Bad number of CRLs from PKCS7_get_PEM_CRLs: %" OPENSSL_PR_SIZE_T + "\n", + sk_X509_CRL_num(crls)); return 0; }
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index e7f2103..2ed2f03 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c
@@ -844,11 +844,10 @@ } static int check_cert(X509_STORE_CTX *ctx) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { X509_CRL *crl = NULL, *dcrl = NULL; X509 *x; - int ok, cnum; + int ok = 0, cnum; unsigned int last_reasons; cnum = ctx->error_depth; x = sk_X509_value(ctx->chain, cnum);
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 47f256c..1549195 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c
@@ -54,6 +54,8 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ +#include <openssl/x509.h> + #include <limits.h> #include <openssl/asn1.h> @@ -64,7 +66,6 @@ #include <openssl/mem.h> #include <openssl/obj.h> #include <openssl/thread.h> -#include <openssl/x509.h> #include "../internal.h"
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index 7405e1e..66abca4 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c
@@ -263,10 +263,9 @@ static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int gen_type, X509V3_CTX *ctx) - OPENSSL_SUPPRESS_POTENTIALLY_UNINITIALIZED_WARNINGS { unsigned char *ext_der = NULL; - long ext_len; + long ext_len = 0; ASN1_OBJECT *obj = NULL; ASN1_OCTET_STRING *oct = NULL; X509_EXTENSION *extension = NULL;