Remove variable shadowing.

Bruce Dawson pointed out that the shadowing of |ret| in |s3_srvr.c|
looked dodgy. It was actually deliberate (we don't want to reset the
default value of the function's |ret| variable with a successful return
from the callback) but it does look dodgy.

This change adds -Wshadow to ban variable shadowing and fixes all
current instances.

Change-Id: I1268f88b9f26245c7d16d6ead5bb9014ea471c01
Reviewed-on: https://boringssl-review.googlesource.com/2520
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/CMakeLists.txt b/CMakeLists.txt
index d4c7a6e..40a3465 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -3,8 +3,8 @@
 project (BoringSSL)
 
 if(CMAKE_COMPILER_IS_GNUCXX OR "${CMAKE_CXX_COMPILER_ID}" STREQUAL "Clang")
-	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Werror -ggdb -std=c89")
-	set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Werror -ggdb -std=c++0x")
+	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wshadow -Werror -ggdb -std=c89")
+	set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wshadow -Werror -ggdb -std=c++0x")
 elseif(MSVC)
 	# Disable warnings for implicit integer narrowing.
 	set(CMAKE_C_FLAGS "/wd4267")
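Review bot: `-Wshadow` is added only in the GNU/Clang branch, so together with `-Werror` the shadowing ban is enforced on those compilers alone; the `elseif(MSVC)` branch that follows (it continues past this hunk) gets no equivalent. Code compiled only on Windows could therefore reintroduce the kind of shadowing this commit removes without failing any build. MSVC reports local shadowing as C4456–C4459 at `/W4`, so enabling those would close the gap where the toolchain supports them. Failing that, a comment above the flags such as `# -Wshadow bans variable shadowing; MSVC builds do not enforce this` would make the gap explicit.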
diff --git a/crypto/bytestring/ber.c b/crypto/bytestring/ber.c
index c96c200..b5b373d 100644
--- a/crypto/bytestring/ber.c
+++ b/crypto/bytestring/ber.c
@@ -122,15 +122,17 @@
          * implicit and the tags within are fragments of a primitive type that
          * need to be concatenated. */
         if (context_specific && (tag & CBS_ASN1_CONSTRUCTED)) {
-          CBS in_copy, contents;
-          unsigned tag;
-          size_t header_len;
+          CBS in_copy, inner_contents;
+          unsigned inner_tag;
+          size_t inner_header_len;
 
           CBS_init(&in_copy, CBS_data(in), CBS_len(in));
-          if (!CBS_get_any_asn1_element(&in_copy, &contents, &tag, &header_len)) {
+          if (!CBS_get_any_asn1_element(&in_copy, &inner_contents, &inner_tag,
+                                        &inner_header_len)) {
             return 0;
           }
-          if (CBS_len(&contents) > header_len && is_primitive_type(tag)) {
+          if (CBS_len(&inner_contents) > inner_header_len &&
+              is_primitive_type(inner_tag)) {
             squash_child_headers = 1;
           }
         }
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index a7b5aed..0a0c01b 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -1083,12 +1083,12 @@
 		{
 		const size_t size = sizeof(s->s3->handshake_fragment);
 		const size_t avail = size - s->s3->handshake_fragment_len;
-		const size_t len = (rr->length < avail) ? rr->length : avail;
+		const size_t todo = (rr->length < avail) ? rr->length : avail;
 		memcpy(s->s3->handshake_fragment + s->s3->handshake_fragment_len,
-			&rr->data[rr->off], len);
-		rr->off += len;
-		rr->length -= len;
-		s->s3->handshake_fragment_len += len;
+			&rr->data[rr->off], todo);
+		rr->off += todo;
+		rr->length -= todo;
+		s->s3->handshake_fragment_len += todo;
 		if (s->s3->handshake_fragment_len < size)
 			{
 			goto start; /* fragment was too small */
@@ -1096,7 +1096,6 @@
 		}
 	else if (rr->type == SSL3_RT_ALERT)
 		{
-		const size_t len = sizeof(alert_buffer);
 		/* Note that this will still allow multiple alerts to
 		 * be processed in the same record */
 		if (rr->length < sizeof(alert_buffer))
@@ -1105,9 +1104,9 @@
 			OPENSSL_PUT_ERROR(SSL, ssl3_read_bytes, SSL_R_BAD_ALERT);
 			goto f_err;
 			}
-		memcpy(alert_buffer, &rr->data[rr->off], len);
-		rr->off += len;
-		rr->length -= len;
+		memcpy(alert_buffer, &rr->data[rr->off], sizeof(alert_buffer));
+		rr->off += sizeof(alert_buffer);
+		rr->length -= sizeof(alert_buffer);
 		}
 
 	/* s->s3->handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;
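Review bot: `sizeof(alert_buffer)` is now spelled out separately in the `rr->length <` check of the preceding hunk and in the `memcpy`, `rr->off` and `rr->length` updates here, and each use is only correct while `alert_buffer` is an array declared in this function (its declaration is outside the hunk). If it were ever turned into a pointer or passed in as a parameter, all of them would silently become the pointer size. The check and the copy would still agree with each other, so nothing would flag the change. A single constant under a non-shadowing name, e.g. `const size_t alert_len = sizeof(alert_buffer);`, used for both the length check and the copy, keeps the guard and the `memcpy` tied to one value without bringing back the shadowed `len`.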
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index a513b73..2a380a9 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -725,7 +725,6 @@
 		 */
 		if (SSL_IS_DTLS(s) && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
 			{
-			CBS session_id;
 			uint8_t cookie_length;
 
 			CBS_init(&client_hello, s->init_msg, n);
@@ -764,18 +763,18 @@
 		if (s->state == SSL3_ST_SR_CLNT_HELLO_C &&
 		    s->ctx->select_certificate_cb != NULL)
 			{
-			int ret;
-
 			s->state = SSL3_ST_SR_CLNT_HELLO_D;
-			ret = s->ctx->select_certificate_cb(&early_ctx);
-			if (ret == 0)
-				return CERTIFICATE_SELECTION_PENDING;
-			else if (ret == -1)
+			switch (s->ctx->select_certificate_cb(&early_ctx))
 				{
-				/* Connection rejected. */
-				al = SSL_AD_ACCESS_DENIED;
-				OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_CONNECTION_REJECTED);
-				goto f_err;
+				case 0:
+					return CERTIFICATE_SELECTION_PENDING;
+				case -1:
+					/* Connection rejected. */
+					al = SSL_AD_ACCESS_DENIED;
+					OPENSSL_PUT_ERROR(SSL, ssl3_get_client_hello, SSL_R_CONNECTION_REJECTED);
+					goto f_err;
+				default:
+					/* fallthrough */;
 				}
 			}
 		s->state = SSL3_ST_SR_CLNT_HELLO_D;
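Review bot: The `default:` arm lets every return value of `select_certificate_cb` other than 0 and -1 continue the handshake, so a callback that signals failure with any other negative value is treated as success. The removed if/else chain behaved the same way, so this is not a regression, but the switch is a natural place to fail closed if the callback contract (not visible here) permits it, for instance by rejecting all negative values rather than only -1. The `/* fallthrough */;` comment is also misleading, since nothing falls through to another case; `default: /* any other value: continue the handshake */ break;` states the intent. The commit message's reason for not assigning to the function-level `ret` deserves a one-line comment at the switch; the rest of ssl3_get_client_hello lies outside this hunk.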