Fix all sign/unsigned warnings with Clang and GCC.
Change-Id: If2a83698236f7b0dcd46701ccd257a85463d6ce5
Reviewed-on: https://boringssl-review.googlesource.com/4992
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 54deb7f..69bc3b1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -17,8 +17,8 @@
endif()
if(CMAKE_COMPILER_IS_GNUCXX OR CMAKE_CXX_COMPILER_ID MATCHES "Clang")
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Werror -ggdb -fvisibility=hidden")
- set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Werror -ggdb -std=c++0x -fvisibility=hidden")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Werror -Wsign-compare -ggdb -fvisibility=hidden")
+ set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Werror -Wsign-compare -ggdb -std=c++0x -fvisibility=hidden")
elseif(MSVC)
set(MSVC_DISABLED_WARNINGS_LIST
"C4100" # 'exarg' : unreferenced formal parameter
diff --git a/crypto/bio/bio.c b/crypto/bio/bio.c
index 4bc98ba..7a1a9e3 100644
--- a/crypto/bio/bio.c
+++ b/crypto/bio/bio.c
@@ -529,7 +529,7 @@
uint8_t header[6];
static const size_t kInitialHeaderLen = 2;
- if (BIO_read(bio, header, kInitialHeaderLen) != kInitialHeaderLen) {
+ if (BIO_read(bio, header, kInitialHeaderLen) != (int) kInitialHeaderLen) {
return 0;
}
@@ -559,7 +559,8 @@
return 0;
}
- if (BIO_read(bio, header + kInitialHeaderLen, num_bytes) != num_bytes) {
+ if (BIO_read(bio, header + kInitialHeaderLen, num_bytes) !=
+ (int)num_bytes) {
return 0;
}
header_len = kInitialHeaderLen + num_bytes;
@@ -585,7 +586,8 @@
}
if (len + header_len < len ||
- len + header_len > max_len) {
+ len + header_len > max_len ||
+ len > INT_MAX) {
return 0;
}
len += header_len;
@@ -597,7 +599,7 @@
}
memcpy(*out, header, header_len);
if (BIO_read(bio, (*out) + header_len, len - header_len) !=
- len - header_len) {
+ (int) (len - header_len)) {
OPENSSL_free(*out);
return 0;
}
diff --git a/crypto/bio/bio_mem.c b/crypto/bio/bio_mem.c
index ef56111..6864f6f 100644
--- a/crypto/bio/bio_mem.c
+++ b/crypto/bio/bio_mem.c
@@ -176,7 +176,7 @@
if (INT_MAX - blen < inl) {
goto err;
}
- if (BUF_MEM_grow_clean(b, blen + inl) != (blen + inl)) {
+ if (BUF_MEM_grow_clean(b, blen + inl) != ((size_t) blen) + inl) {
goto err;
}
memcpy(&b->data[blen], in, inl);
diff --git a/crypto/bio/printf.c b/crypto/bio/printf.c
index 2f5ae4a..3709fcb 100644
--- a/crypto/bio/printf.c
+++ b/crypto/bio/printf.c
@@ -87,7 +87,11 @@
}
#endif
- if (out_len >= sizeof(buf)) {
+ if (out_len < 0) {
+ return -1;
+ }
+
+ if ((size_t) out_len >= sizeof(buf)) {
const int requested_len = out_len;
/* The output was truncated. Note that vsnprintf's return value
* does not include a trailing NUL, but the buffer must be sized
diff --git a/crypto/dh/params.c b/crypto/dh/params.c
index 82d1d92..2bfccb8 100644
--- a/crypto/dh/params.c
+++ b/crypto/dh/params.c
@@ -295,7 +295,7 @@
}
void DH_check_standard_parameters(DH *dh) {
- int i;
+ unsigned i;
if (dh->p == NULL ||
dh->g == NULL ||
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index f540256..7c4be07 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -212,7 +212,7 @@
for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) {
curve = &OPENSSL_built_in_curves[i];
const unsigned param_len = curve->data->param_len;
- if (ecparams->order->length == param_len &&
+ if ((unsigned) ecparams->order->length == param_len &&
memcmp(ecparams->order->data, &curve->data->data[param_len * 5],
param_len) == 0) {
nid = curve->nid;
diff --git a/crypto/err/err_test.cc b/crypto/err/err_test.cc
index 6643c68..bdf3486 100644
--- a/crypto/err/err_test.cc
+++ b/crypto/err/err_test.cc
@@ -30,7 +30,7 @@
/* Errors are returned in order they were pushed, with the least recent ones
* removed, up to |ERR_NUM_ERRORS - 1| errors. So the errors returned are
* |ERR_NUM_ERRORS + 2| through |ERR_NUM_ERRORS * 2|, inclusive. */
- if (err == 0 || ERR_GET_REASON(err) != i + ERR_NUM_ERRORS + 2) {
+ if (err == 0 || ((unsigned)ERR_GET_REASON(err)) != i + ERR_NUM_ERRORS + 2) {
fprintf(stderr, "ERR_get_error failed at %u\n", i);
return false;
}
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index b4ae805..2a39a5b 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -292,7 +292,7 @@
if (xi != NULL) X509_INFO_free(xi);
if (!ok)
{
- for (i=0; ((int)i)<sk_X509_INFO_num(ret); i++)
+ for (i=0; i<sk_X509_INFO_num(ret); i++)
{
xi=sk_X509_INFO_value(ret,i);
X509_INFO_free(xi);
diff --git a/crypto/pkcs8/p5_pbev2.c b/crypto/pkcs8/p5_pbev2.c
index 506e0ab..b00837e 100644
--- a/crypto/pkcs8/p5_pbev2.c
+++ b/crypto/pkcs8/p5_pbev2.c
@@ -367,7 +367,7 @@
}
const size_t iv_len = EVP_CIPHER_CTX_iv_length(ctx);
- if (iv->value.octet_string->length != iv_len) {
+ if ((size_t) iv->value.octet_string->length != iv_len) {
OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ERROR_SETTING_CIPHER_PARAMS);
goto err;
}
diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c
index eb4a36f..b14f7a0 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c
@@ -1010,7 +1010,7 @@
if (!BN_mul(r1, rsa->n, ap->prime, ctx)) {
goto err;
}
- if (BN_num_bits(r1) == bits) {
+ if (BN_num_bits(r1) == (unsigned) bits) {
break;
}
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 5d856f0..695793e 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1191,7 +1191,7 @@
int cidx = ctx->error_depth;
size_t i;
- if (cidx != sk_X509_num(ctx->chain) - 1)
+ if ((size_t) cidx != sk_X509_num(ctx->chain) - 1)
cidx++;
crl_issuer = sk_X509_value(ctx->chain, cidx);
diff --git a/crypto/x509v3/pcy_tree.c b/crypto/x509v3/pcy_tree.c
index 682474d..8e9ef25 100644
--- a/crypto/x509v3/pcy_tree.c
+++ b/crypto/x509v3/pcy_tree.c
@@ -426,7 +426,7 @@
{
/* If mapping: matched if one child per expected policy set */
STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set;
- if (node->nchild == sk_ASN1_OBJECT_num(expset))
+ if ((size_t) node->nchild == sk_ASN1_OBJECT_num(expset))
return 1;
/* Locate unmatched nodes */
for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++)
diff --git a/crypto/x509v3/tab_test.c b/crypto/x509v3/tab_test.c
index 6b97e91..c0e0cb6 100644
--- a/crypto/x509v3/tab_test.c
+++ b/crypto/x509v3/tab_test.c
@@ -73,7 +73,8 @@
int main(void)
{
#if !defined(BORINGSSL_SHARED_LIBRARY)
- int i, prev = -1, bad = 0;
+ unsigned i;
+ int prev = -1, bad = 0;
const X509V3_EXT_METHOD *const *tmp;
CRYPTO_library_init();
i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *);
@@ -89,7 +90,7 @@
tmp = standard_exts;
fprintf(stderr, "Extensions out of order!\n");
for(i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++)
- printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid));
+ printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid));
return 1;
} else {
printf("PASS\n");
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 1acb3ce..4d550e9 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -399,7 +399,7 @@
while (frag_len > 0) {
size_t chunk = frag_len < sizeof(discard) ? frag_len : sizeof(discard);
int ret = dtls1_read_bytes(s, SSL3_RT_HANDSHAKE, discard, chunk, 0);
- if (ret != chunk) {
+ if (ret != (int) chunk) {
return 0;
}
frag_len -= chunk;
@@ -525,7 +525,7 @@
/* Read the body of the fragment. */
ret = dtls1_read_bytes(s, SSL3_RT_HANDSHAKE, frag->fragment + frag_off,
frag_len, 0);
- if (ret != frag_len) {
+ if (ret != (int) frag_len) {
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return -1;
diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c
index 2fcc1ea..628bb29 100644
--- a/ssl/d1_srtp.c
+++ b/ssl/d1_srtp.c
@@ -171,7 +171,8 @@
const SRTP_PROTECTION_PROFILE *p;
col = strchr(ptr, ':');
- if (find_profile_by_name(ptr, &p, col ? col - ptr : strlen(ptr))) {
+ if (find_profile_by_name(ptr, &p,
+ col ? (size_t)(col - ptr) : strlen(ptr))) {
sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
} else {
OPENSSL_PUT_ERROR(SSL, SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 9e61fb6..0ad4a11 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -130,7 +130,7 @@
* compressionMethod [11] OCTET STRING OPTIONAL,
* srpUsername [12] OCTET STRING OPTIONAL, */
-static const int kVersion = 1;
+static const unsigned kVersion = 1;
static const int kTimeTag =
CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 1;