On 11/5/19 1:27 AM, Petr Štetiar wrote:
> Hi,
>
> Hauke Mehrtens <ha...@hauke-m.de> [2019-11-01 17:06:34]:
>
>> +ADD_DEFINITIONS(-Os -Wall -Werror -Wclobbered --std=gnu99 -g3 -I.
>> -DUCI_PREFIX="${CMAKE_INSTALL_PREFIX}")
>
> is there any reason to not use -Wextra directly?I was looking on how we could prevent to have a similar problem as the one described in CVE-2019-15513 and found this warning which should have warned us about this problem. First I was trying to understand this CVE and then I wanted to learn from it to prevent such problems next time. I support adding -Wextra it is even better. > > list.c:140:11: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > file.c:572:51: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > file.c:850:15: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > file.c:865:15: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > delta.c:199:6: error: this statement may fall through > [-Werror=implicit-fallthrough=] > parse.c:80:12: error: this statement may fall through > [-Werror=implicit-fallthrough=] > parse.c:81:12: error: this statement may fall through > [-Werror=implicit-fallthrough=] > file.c:572:51: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > file.c:850:15: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > file.c:865:15: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > delta.c:199:6: error: this statement may fall through > [-Werror=implicit-fallthrough=] > parse.c:80:12: error: this statement may fall through > [-Werror=implicit-fallthrough=] > parse.c:81:12: error: this statement may fall through > [-Werror=implicit-fallthrough=] > ucimap.c:146:16: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:151:17: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:243:34: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:247:9: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:254:39: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:258:9: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:285:34: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:363:17: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:563:12: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:753:18: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > ucimap.c:879:17: error: comparison between signed and unsigned integer > expressions [-Werror=sign-compare] > > Yousong Zhou <yszhou4t...@gmail.com> [2019-11-04 11:29:05]: > >> The -Wclobber check can produce false-positives right? > > I didn't looked deeper, but GCC 6,7,8,9 on x86/64 reports following: > > list.c:626:21: error: variable ‘prev’ might be clobbered by ‘longjmp’ or > ‘vfork’ [-Werror=clobbered] > 626 | struct uci_option *prev = NULL; > | ^~~~ > > list.c:627:14: error: variable ‘value2’ might be clobbered by ‘longjmp’ or > ‘vfork’ [-Werror=clobbered] > 627 | const char *value2 = NULL; > | ^~~~~~ I think I also saw these problems in my manual review, but the -Wclobbered did not complain about them for me with gcc 8.3 on MIPS. > > but clang 9,10 on x86/64 doesn't. > > -- ynezz > Hauke
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
