search

Mbed-TLS / mbedtls

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
https://www.trustedfirmware.org/projects/mbed-tls/
Other
5.56k stars 2.61k forks source link

mbedtls fails on build on gcc-11: ssl_tls.c:1724:41: error: argument 2 of type 'unsigned char[36]' with mismatched bound [-Werror=array-parameter=] #3782

Closed trofi closed 3 years ago

trofi commented 4 years ago

On (yet unreleased) gcc-11 mbedtls fails build due to new diagnstics:

[ 16%] Building C object library/CMakeFiles/mbedtls.dir/ssl_tls.c.o
cd /home/slyfox/dev/git/mbedtls/b/library && /usr/x86_64-pc-linux-gnu/gcc-bin/11.0.0/gcc  -I/home/slyfox/dev/git/mbedtls/include -I/home/slyfox/dev/git/mbedtls/library -Wall -Wextra -Wwrite-strings -Wvla -Wlogical-op -Wshadow -Wformat-signedness -Werror -Wmissing-declarations -Wmissing-prototypes -o CMakeFiles/mbedtls.dir/ssl_tls.c.o -c /home/slyfox/dev/git/mbedtls/library/ssl_tls.c
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:1724:41: error: argument 2 of type 'unsigned char[36]' with mismatched bound [-Werror=array-parameter=]
 1724 |                           unsigned char hash[36],
      |                           ~~~~~~~~~~~~~~^~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:684:63: note: previously declared as 'unsigned char *'
  684 | static void ssl_calc_verify_tls( const mbedtls_ssl_context *, unsigned char *, size_t * );
      |                                                               ^~~~~~~~~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:1756:48: error: argument 2 of type 'unsigned char[32]' with mismatched bound [-Werror=array-parameter=]
 1756 |                                  unsigned char hash[32],
      |                                  ~~~~~~~~~~~~~~^~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:691:69: note: previously declared as 'unsigned char *'
  691 | static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char *, size_t * );
      |                                                                     ^~~~~~~~~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:1805:48: error: argument 2 of type 'unsigned char[48]' with mismatched bound [-Werror=array-parameter=]
 1805 |                                  unsigned char hash[48],
      |                                  ~~~~~~~~~~~~~~^~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:697:70: note: previously declared as 'unsigned char *'
  697 | static void ssl_calc_verify_tls_sha384( const mbedtls_ssl_context *, unsigned char *, size_t * );
      |                                                                      ^~~~~~~~~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c: In function 'ssl_calc_verify_tls_sha384':
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:1839:5: error: 'mbedtls_sha512_finish_ret' accessing 64 bytes in a region of size 48 [-Werror=stringop-overflow=]
 1839 |     mbedtls_sha512_finish_ret( &sha512, hash );
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:1839:5: note: referencing argument 2 of type 'unsigned char *'
In file included from /home/slyfox/dev/git/mbedtls/include/mbedtls/ssl_internal.h:51,
                 from /home/slyfox/dev/git/mbedtls/library/ssl_tls.c:41:
/home/slyfox/dev/git/mbedtls/include/mbedtls/sha512.h:145:5: note: in a call to function 'mbedtls_sha512_finish_ret'
  145 | int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c: In function 'ssl_calc_finished_tls_sha384':
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:3260:5: error: 'mbedtls_sha512_finish_ret' accessing 64 bytes in a region of size 48 [-Werror=stringop-overflow=]
 3260 |     mbedtls_sha512_finish_ret( &sha512, padbuf );
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/slyfox/dev/git/mbedtls/library/ssl_tls.c:3260:5: note: referencing argument 2 of type 'unsigned char *'
In file included from /home/slyfox/dev/git/mbedtls/include/mbedtls/ssl_internal.h:51,
                 from /home/slyfox/dev/git/mbedtls/library/ssl_tls.c:41:
/home/slyfox/dev/git/mbedtls/include/mbedtls/sha512.h:145:5: note: in a call to function 'mbedtls_sha512_finish_ret'
  145 | int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx,
      |     ^~~~~~~~~~~~~~~~~~~~~~~~~
MayuriLwiznet commented 2 years ago

Hi @trofi , I am also facing the same error with GCC-12. Did you find any work around for this error? Please suggest. Thanks in Advance.

logs for ref

C:\Users\mayuri\Documents\wizfi360-evbpico\WizFi360-EVB-Pico-C\libraries\mbedtls\library\ssl_tls.c:1755:48: error: argument 2 of type 'unsigned char[32]' with mismatched bound [-Werror=array-parameter=] [build] 1755 | unsigned char hash[32], [build] | ~~~~~~~~~~~~~~^~~~~~~~ [build] C:\Users\mayuri\Documents\wizfi360-evbpico\WizFi360-EVB-Pico-C\libraries\mbedtls\library\ssl_tls.c:690:69: note: previously declared as 'unsigned char *' [build] 690 | static void ssl_calc_verify_tls_sha256( const mbedtls_ssl_context *,unsigned char *, size_t * ); [build] | ^~~~~~~~~~~~~~~ [build] cc1.exe: all warnings being treated as errors [build] NMAKE : fatal error U1077: 'C:\PROGRA~2\ARMGNU~1\1213FB~1.2MP\bin\AR19DD~1.EXE' : return code '0x1' [build] Stop.

trofi commented 2 years ago

I personally disabled -Werror by patching CMakeFiles.txt locally for 2.x versions of mbedtls. If you have a chance to use 3.x versions then https://github.com/Mbed-TLS/mbedtls/commit/21c8fe5c6ec28e8aad5d5c1be1cc39e519c9f241 upstream fix should just work for you. If it still does not then it's probably a separate issue and I suggect you to file a separate bug,