Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: enable missing OpenSSF-recommended warnings, with fixes #12489

Closed
wants to merge 34 commits into from

Conversation

vszakats
Copy link
Member

@vszakats vszakats commented Dec 8, 2023

https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
[as of 2023-11-29]

Enable new recommended warnings (except -Wsign-conversion):

  • enable -Wformat=2 for clang (in both cmake and autotools).
  • add CURL_PRINTF() internal attribute and mark functions accepting
    printf arguments with it. This is a copy of existing
    CURL_TEMP_PRINTF() but using __printf__ to make it compatible
    with redefinting the printf symbol:
    https://gcc.gnu.org/onlinedocs/gcc-3.0.4/gcc_5.html#SEC94
  • fix CURL_PRINTF() and existing CURL_TEMP_PRINTF() for
    mingw-w64 and enable it on this platform.
  • enable -Wimplicit-fallthrough.
  • enable -Wtrampolines.
  • add -Wsign-conversion commented with a FIXME.
  • cmake: enable -pedantic-errors the way we do it with autotools.
    Follow-up to d5c0351 Enable and fix more GCC warnings #2747
  • lib/curl_trc.h: use CURL_FORMAT(), this also fixes it to enable format
    checks. Previously it was always disabled due to the internal printf
    macro.

Fix them:

  • fix bug where an set_ipv6_v6only() call was missed in builds with
    --disable-verbose / CURL_DISABLE_VERBOSE_STRINGS=ON.
  • add internal FALLTHROUGH() macro.
  • replace obsolete fall-through comments with FALLTHROUGH().
  • fix fallthrough markups: Delete redundant ones (showing up as
    warnings in most cases). Add missing ones. Fix indentation.
  • silence -Wformat-nonliteral warnings with llvm/clang.
  • fix one -Wformat-nonliteral warning.
  • fix new -Wformat and -Wformat-security warnings.
  • fix CURL_FORMAT_SOCKET_T value for mingw-w64. Also move its
    definition to lib/curl_setup.h allowing use in tests/server.
  • lib: fix two wrongly passed string arguments in log outputs.
    Co-authored-by: Jay Satiro
  • fix new -Wformat warnings on mingw-w64.

Closes #12489


TODO:

  • fix to enable format checks for mingw.
  • fix -Warith-conversion warnings. [other PR]
  • fix -Wsign-conversion warnings. [other PR]

@vszakats vszakats added the build label Dec 8, 2023
@vszakats vszakats changed the title enable recommended OpenSSF warnings build: enable recommended OpenSSF warnings Dec 8, 2023
include/curl/curl.h Outdated Show resolved Hide resolved
@vszakats vszakats changed the title build: enable recommended OpenSSF warnings build: enable missing OpenSSF-recommended warnings, with fixes Dec 8, 2023
@vszakats vszakats force-pushed the openssf branch 6 times, most recently from 8467031 to 722d4c8 Compare December 9, 2023 00:16
@github-actions github-actions bot added the CI Continuous Integration label Dec 9, 2023
@vszakats
Copy link
Member Author

vszakats commented Dec 9, 2023

This is ready now.

lib/cf-h1-proxy.c Outdated Show resolved Hide resolved
vszakats added a commit to vszakats/curl that referenced this pull request Dec 11, 2023
lib/curl_setup.h Outdated Show resolved Hide resolved
@vszakats
Copy link
Member Author

Renamed to use FALLTHROUGH();.

Is there something else to address?

vszakats added a commit to vszakats/curl that referenced this pull request Apr 29, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Apr 29, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Apr 30, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Apr 30, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 5, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 5, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 7, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 7, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit that referenced this pull request May 11, 2024
- extend `FD_SET()` hack to all platforms (was only Cygwin).
  Warnings may also happen in other envs, e.g. OmniOS.
  Ref: https://github.com/libssh2/libssh2/actions/runs/8854199687/job/24316762831#step:3:2021

- tidy-up `CURLcode` vs `int` use.

- cast an unsigned to `long` before passing to `curl_easy_setopt()`.

Cherry-picked from #13489
Follow-up to 3829759 #12489
Closes #13501
vszakats added a commit to vszakats/curl that referenced this pull request May 11, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 11, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 12, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 12, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 13, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 13, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 14, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request May 14, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Jun 2, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Jun 2, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Jun 5, 2024
Warn by default in all builds, but without triggering error.

Once all new warnings revealed by CI are cleared, we can drop the
`-Wno-error=sign-conversion` options in cmake/autotools.

Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit to vszakats/curl that referenced this pull request Jun 5, 2024
Before this patch, cmake/autotools builds made an exception for this
warning to not cause an error.

The codebase is warning-free now, so this patch deletes this exception.

Follow-up [...]
Follow-up to3829759bd042c03225ae862062560f568ba1a231 curl#12489
Closes #xxxxx
vszakats added a commit that referenced this pull request Sep 2, 2024
Change mingw-w64 printf format checks in public curl headers to use
`__MINGW_PRINTF_FORMAT` instead of `gnu_printf`. This syncs the format
checker with format string macros published via `curl/system.h`. (Also
disable format checks for mingw-w64 older than 3.0.0 (2013-09-20) and
classic-mingw, which do not support this macro.)

This fixes bogus format checker `-Wformat` warnings in 3rd party code
using curl format strings with the curl printf functions, when using
mingw-w64 7.0.0 (2019-11-10) and older (with GCC, MSVCRT).

It also allows to delete two workaounds for this within curl itself:
- setting `-D__USE_MINGW_ANSI_STDIO=1` for mingw-w64 via cmake and
  configure for `docs/examples` and `tests/http/clients`.
  Ref: c730c85 #14640

The format check macro is incompatible (depending on mingw-w64 version
and configuration) with the C99 `%z` (`size_t`) format string used
internally by curl.

To work around this problem, override the format check style in curl
public headers to use `gnu_printf`. This is compatible with `%z` in all
mingw-w64 versions and allows keeping the C99 format strings internally.

Also:
- lib/ws.c: add missing space to an error message.
- docs/examples/ftpgetinfo.c: fix to use standard printf.

Ref: #14643 (take 1)
Follow-up to 3829759 #12489

Closes #14703
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging this pull request may close these issues.

3 participants