Hello,
after plain ./configure without options (including noticeable absence of
--with-openssl) and make,
make -C contrib COPT=-Werror gives error with gcc-11 on REL_9_6_STABLE,
REL_10_STABLE or REL_11_STABLE.
The warning/error is about misleading indent in
contrib/pgcrypto/imath.c's CLAMP macro:
imath.c: In function ‘mp_int_add’:
imath.c:133:1: error: this ‘while’ clause does not guard...
[-Werror=misleading-indentation]
133 | while(uz_ > 1 && (*dz_-- == 0)) --uz_;MP_USED(z_)=uz_;}while(0)
| ^~~~~
imath.c:670:17: note: in expansion of macro ‘CLAMP’
670 | CLAMP(c);
| ^~~~~
In file included from imath.c:34:
imath.h:68:26: note: ...this statement, but the latter is misleadingly
indented as if it were guarded by the ‘while’
68 | #define MP_USED(Z) ((Z)->used)
| ^
imath.c:133:39: note: in expansion of macro ‘MP_USED’
133 | while(uz_ > 1 && (*dz_-- == 0)) --uz_;MP_USED(z_)=uz_;}while(0)
| ^~~~~~~
imath.c:670:17: note: in expansion of macro ‘CLAMP’
670 | CLAMP(c);
| ^~~~~
pgcrypto-fix-imath-clamp-warning.patch, attached, is a suggested minimal
fix:
diff --git a/contrib/pgcrypto/imath.c b/contrib/pgcrypto/imath.c
index b94a51b81a4..801b843cbe3 100644
--- a/contrib/pgcrypto/imath.c
+++ b/contrib/pgcrypto/imath.c
@@ -130,7 +130,8 @@ do{T *u_=(A),*v_=u_+(N)-1;while(u_<v_){T
xch=*u_;*u_++=*v_;*v_--=xch;}}while(0)
#else
#define CLAMP(Z) \
do{mp_int z_=(Z);mp_size uz_=MP_USED(z_);mp_digit
*dz_=MP_DIGITS(z_)+uz_-1;\
-while(uz_ > 1 && (*dz_-- == 0)) --uz_;MP_USED(z_)=uz_;}while(0)
+while(uz_ > 1 && (*dz_-- == 0)) --uz_;\
+MP_USED(z_)=uz_;}while(0)
#endif
#undef MIN
The same patch works for all 9.6, 10 and 11. It's not needed in 12 or
later, they compile without warnings just fine even without --with-openssl.
In addition, 9.6 (unlike 10 and 11) gives four "array-parameter="
warnings about contrib/pgcrypto/sha2.c:
sha2.c:552:20: error: argument 1 of type ‘uint8[]’ {aka ‘unsigned
char[]’} with mismatched bound [-Werror=array-parameter=]
552 | SHA256_Final(uint8 digest[], SHA256_CTX *context)
| ~~~~~~^~~~~~~~
In file included from sha2.c:44:
sha2.h:93:30: note: previously declared as ‘uint8[32]’ {aka ‘unsigned
char[32]’}
93 | void SHA256_Final(uint8[SHA256_DIGEST_LENGTH],
SHA256_CTX *);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
and the same for SHA{512,384,224}_Final.
pgcrypto-fix-sha2-warning.patch, attached, is a suggested minimal fix
for that:
void
-SHA256_Final(uint8 digest[], SHA256_CTX *context)
+SHA256_Final(uint8 digest[SHA256_DIGEST_LENGTH], SHA256_CTX *context)
{
etc.
Please consider fixing those warnings.
--
Anton Voloshin
Postgres Professional, The Russian Postgres Company
https://postgrespro.ru
diff --git a/contrib/pgcrypto/imath.c b/contrib/pgcrypto/imath.c
index b94a51b81a4..801b843cbe3 100644
--- a/contrib/pgcrypto/imath.c
+++ b/contrib/pgcrypto/imath.c
@@ -130,7 +130,8 @@ do{T *u_=(A),*v_=u_+(N)-1;while(u_<v_){T xch=*u_;*u_++=*v_;*v_--=xch;}}while(0)
#else
#define CLAMP(Z) \
do{mp_int z_=(Z);mp_size uz_=MP_USED(z_);mp_digit *dz_=MP_DIGITS(z_)+uz_-1;\
-while(uz_ > 1 && (*dz_-- == 0)) --uz_;MP_USED(z_)=uz_;}while(0)
+while(uz_ > 1 && (*dz_-- == 0)) --uz_;\
+MP_USED(z_)=uz_;}while(0)
#endif
#undef MIN
diff --git a/contrib/pgcrypto/sha2.c b/contrib/pgcrypto/sha2.c
index 231f9dfbb0e..11311deda8d 100644
--- a/contrib/pgcrypto/sha2.c
+++ b/contrib/pgcrypto/sha2.c
@@ -549,7 +549,7 @@ SHA256_Last(SHA256_CTX *context)
}
void
-SHA256_Final(uint8 digest[], SHA256_CTX *context)
+SHA256_Final(uint8 digest[SHA256_DIGEST_LENGTH], SHA256_CTX *context)
{
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL)
@@ -877,7 +877,7 @@ SHA512_Last(SHA512_CTX *context)
}
void
-SHA512_Final(uint8 digest[], SHA512_CTX *context)
+SHA512_Final(uint8 digest[SHA512_DIGEST_LENGTH], SHA512_CTX *context)
{
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL)
@@ -922,7 +922,7 @@ SHA384_Update(SHA384_CTX *context, const uint8 *data, size_t len)
}
void
-SHA384_Final(uint8 digest[], SHA384_CTX *context)
+SHA384_Final(uint8 digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context)
{
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL)
@@ -966,7 +966,7 @@ SHA224_Update(SHA224_CTX *context, const uint8 *data, size_t len)
}
void
-SHA224_Final(uint8 digest[], SHA224_CTX *context)
+SHA224_Final(uint8 digest[SHA224_DIGEST_LENGTH], SHA224_CTX *context)
{
/* If no digest buffer is passed, we don't bother doing this: */
if (digest != NULL)
