Closed
Conversation
3a3a746 to
ec1455a
Compare
Closes
Enable pedantic-errors for GCC >= 5 with --enable-werror. Before GCC 5, pedantic-errors was synonymous to -Werror=pedantic [0], which is still the case for clang [1]. With GCC 5, it became complementary [2]. Also fix a resulting error in acinclude.m4 as main's return type was missing, which is illegal in C99. [0] https://gcc.gnu.org/onlinedocs/gcc-4.9.0/gcc/Warning-Options.html [1] https://clang.llvm.org/docs/UsersManual.html#options-to-control-error-and-warning-messages [2] https://gcc.gnu.org/onlinedocs/gcc-5.1.0/gcc/Warning-Options.html Closes
This warning used to be enabled only for clang as it's a bit stricter on GCC. Silence the remaining occurrences and enable it on GCC too. Closes
This enables level 4 instead of the default level 3, which of the currently used comments only allows /* FALLTHROUGH */ to silence the warning. Closes
This enables the following additional warnings: -Wold-style-definition -Warray-bounds=2 instead of the default 1 -Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not respected for older versions -Wunused-const-variable, which enables level 2 instead of the default 1 -Warray-bounds also in debug mode through -ftree-vrp -Wnull-dereference also in debug mode through -fdelete-null-pointer-checks Closes
MarcelRaad
pushed a commit
that referenced
this pull request
Apr 19, 2023
Fixes msan warnings:
==54195==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55ece35e57cb in line_length /home/runner/work/curl/curl/tests/server/getpart.c:111:25
#1 0x55ece35e3b83 in readline /home/runner/work/curl/curl/tests/server/getpart.c:164:24
#2 0x55ece35e0269 in getpart /home/runner/work/curl/curl/tests/server/getpart.c:347:18
#3 0x55ece36180b6 in parse_servercmd /home/runner/work/curl/curl/tests/server/sws.c:283:13
Closes curl#10822
MarcelRaad
pushed a commit
that referenced
this pull request
Sep 5, 2023
`u->path = Curl_memdup(path, pathlen + 1);` accesses bytes after the null-terminator.
```
==2676==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x04d48c75 at pc 0x0112708a bp 0x006fb7e0 sp 0x006fb3c4
READ of size 78 at 0x04d48c75 thread T0
#0 0x1127089 in __asan_wrap_memcpy D:\a\_work\1\s\src\vctools\asan\llvm\compiler-rt\lib\sanitizer_common\sanitizer_common_interceptors.inc:840
#1 0x1891a0e in Curl_memdup C:\actions-runner\_work\client\client\third_party\curl\lib\strdup.c:97
#2 0x18db4b0 in parseurl C:\actions-runner\_work\client\client\third_party\curl\lib\urlapi.c:1297
#3 0x18db819 in parseurl_and_replace C:\actions-runner\_work\client\client\third_party\curl\lib\urlapi.c:1342
#4 0x18d6e39 in curl_url_set C:\actions-runner\_work\client\client\third_party\curl\lib\urlapi.c:1790
#5 0x1877d3e in parseurlandfillconn C:\actions-runner\_work\client\client\third_party\curl\lib\url.c:1768
#6 0x1871acf in create_conn C:\actions-runner\_work\client\client\third_party\curl\lib\url.c:3403
#7 0x186d8dc in Curl_connect C:\actions-runner\_work\client\client\third_party\curl\lib\url.c:3888
#8 0x1856b78 in multi_runsingle C:\actions-runner\_work\client\client\third_party\curl\lib\multi.c:1982
#9 0x18531e3 in curl_multi_perform C:\actions-runner\_work\client\client\third_party\curl\lib\multi.c:2756
```
Closes curl#11560
MarcelRaad
pushed a commit
that referenced
this pull request
Feb 27, 2024
In order to make MSAN happy:
==2200945==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x596f3b3ed246 in curlx_strtoofft [...]/libcurl/src/lib/strtoofft.c:239:11
#1 0x596f3b402156 in Curl_httpchunk_read [...]/libcurl/src/lib/http_chunks.c:149:12
#2 0x596f3b348550 in readwrite_data [...]/libcurl/src/lib/transfer.c:607:11
[...]
==2202041==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5a3fab66a72a in Curl_parse_port [...]/libcurl/src/lib/urlapi.c:547:8
#1 0x5a3fab650645 in parse_authority [...]/libcurl/src/lib/urlapi.c:796:12
#2 0x5a3fab6740f6 in parseurl [...]/libcurl/src/lib/urlapi.c:1176:16
#3 0x5a3fab664fc5 in parseurl_and_replace [...]/libcurl/src/lib/urlapi.c:1342:12
[...]
==2202320==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x569076a0d6b0 in ipv4_normalize [...]/libcurl/src/lib/urlapi.c:683:12
#1 0x5690769f2820 in parse_authority [...]/libcurl/src/lib/urlapi.c:803:10
#2 0x569076a160f6 in parseurl [...]/libcurl/src/lib/urlapi.c:1176:16
#3 0x569076a06fc5 in parseurl_and_replace [...]/libcurl/src/lib/urlapi.c:1342:12
[...]
Signed-off-by: Louis Solofrizzo <lsolofrizzo@scaleway.com>
Closes curl#12995
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This enables the following additional warnings:
-Wbad-function-cast, as already enabled for clang
-Wdisabled-optimization
-Wold-style-definition
-Wnormalized=nfkc, which warns on identifiers that could be ambiguous
-Warray-bounds also in debug mode through -ftree-vrp
-Wtrampolines
-Wformat=2, but only for GCC 4.8+ as Wno-format-nonliteral is not
respected for older versions
-Wdate-time for reproducible builds
-Warray-bounds=2 instead of the default 1
-Wnull-dereference also in debug mode through
-fdelete-null-pointer-checks
-Wunused-const-variable
-Wimplicit-fallthrough=4 instead of the default 3