CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int

[mickae1]

Hi, when i tried to compile, I've this error

`crypto/cmp/cmp_int.h:280:3: error: #error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int

error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int

^ In file included from ././include_cmp/openssl/crmf.h:42:0, from :0: crypto/cmp/cmp_int.h: In function 'sk_OSSL_CMP_REVDETAILS_delete_ptr': ./include_cmp/openssl/safestack_backport.h:97:44: warning: passing argument 2 of 'sk_delete_ptr' discards 'const' qualifier from pointer target type (const void *)ptr); `

[DDvO]

Interesting to see this precaution check fail in practice. The above error is shown in the following case:

#define OSSL_CMP_PKIFAILUREINFO_MAX 26
#define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \
    ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)
#if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX

so INT_MAX is wrongly defined in your header files or sizeof(int) is < 4 in your target architecture or the calculation of OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN goes wrong in your compiler. Can you check these three values?

[mickae1]

`#include

include

int main() {

printf("The number of bits in a byte %d\n", CHAR_BIT);

printf("The minimum value of SIGNED CHAR = %d\n", SCHAR_MIN); printf("The maximum value of SIGNED CHAR = %d\n", SCHAR_MAX); printf("The maximum value of UNSIGNED CHAR = %d\n", UCHAR_MAX);

printf("The minimum value of SHORT INT = %d\n", SHRT_MIN); printf("The maximum value of SHORT INT = %d\n", SHRT_MAX);

printf("The minimum value of INT = %d\n", INT_MIN); printf("The maximum value of INT = %d\n", INT_MAX);

printf("The minimum value of CHAR = %d\n", CHAR_MIN); printf("The maximum value of CHAR = %d\n", CHAR_MAX);

printf("The minimum value of LONG = %ld\n", LONG_MIN); printf("The maximum value of LONG = %ld\n", LONG_MAX);

return(0); }`

the result: The number of bits in a byte 8 The minimum value of SIGNED CHAR = -128 The maximum value of SIGNED CHAR = 127 The maximum value of UNSIGNED CHAR = 255 The minimum value of SHORT INT = -32768 The maximum value of SHORT INT = 32767 The minimum value of INT = -2147483648 The maximum value of INT = 2147483647 The minimum value of CHAR = 0 The maximum value of CHAR = 255 The minimum value of LONG = -2147483648 The maximum value of LONG = 2147483647

[DDvO]

So your sizeof(int) is 4, which is sufficient, and thus the error should be a false positive.

I suggest you compile the following and report its outcome.

#define OSSL_CMP_PKIFAILUREINFO_MAX 26
#define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \
    ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)

   printf("INT_MAX=%x, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN=%x, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX=%d\n,
           INT_MAX,    OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN,    OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX);

[DDvO]

Since the value of INT_MAX is fine, the preprocessor of your compiler must get the value of the expression ((1<<(26+1)) - 1) or the comparison OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX wrong. Will be interesting to set what its result is.

[mickae1]

Hi,

I've tested:

printf("test1 %d\n", ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1) ); printf("test2 %d\n", (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) ); printf("test3 %d\n", 1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1) ); printf("test4 %d\n", (OSSL_CMP_PKIFAILUREINFO_MAX+1) );

the result;

test1 134217727 test2 134217728 test3 134217728 test4 27

On Fri, Feb 8, 2019 at 5:28 AM David von Oheimb notifications@github.com wrote:

Since the value of INT_MAX is fine, the preprocessor of your compiler must get the value of the expression ((1<<(26+1)) - 1) or the comparison OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN

INT_MAX wrong. Will be interesting to set what its result is.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mpeylo/cmpossl/issues/156#issuecomment-461686959, or mute the thread https://github.com/notifications/unsubscribe-auth/AEB2COqf901DMmzaKfHHFr6nAYdhKsKtks5vLPzYgaJpZM4aiwHW .

[mickae1]

It is normal that 1 << 27 gives : 134217728

On Fri, Feb 8, 2019 at 9:10 AM Micka mickamusset@gmail.com wrote:

Hi,

I've tested:

printf("test1 %d\n", ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1) ); printf("test2 %d\n", (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) ); printf("test3 %d\n", 1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1) ); printf("test4 %d\n", (OSSL_CMP_PKIFAILUREINFO_MAX+1) );

the result;

test1 134217727 test2 134217728 test3 134217728 test4 27

On Fri, Feb 8, 2019 at 5:28 AM David von Oheimb notifications@github.com wrote:

Since the value of INT_MAX is fine, the preprocessor of your compiler must get the value of the expression ((1<<(26+1)) - 1) or the comparison OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN

INT_MAX wrong. Will be interesting to set what its result is.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mpeylo/cmpossl/issues/156#issuecomment-461686959, or mute the thread https://github.com/notifications/unsubscribe-auth/AEB2COqf901DMmzaKfHHFr6nAYdhKsKtks5vLPzYgaJpZM4aiwHW .

[mickae1]

and the result of your questions: INT_MAX=7fffffff, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN=7ffffff, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX=0

I don't understand how your test could pass before .....

[DDvO]

So your compiler did the calculations right. I don't understand why you apparently got the error "CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int", since OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN =< INT_MAX holds.

[mickae1]

because it is < and not <= !

define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \

( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)

if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX

On Fri, Feb 8, 2019 at 3:15 PM David von Oheimb notifications@github.com wrote:

So your compiler did the calculations right. I don't understand why you apparently got the error "CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int", since OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN =< INT_MAX holds.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.

[DDvO]

No, note that the printed value of OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN has one 'f' less than INT_MAX and thus is much smaller (which was expected), and the error occurs if it is larger, so no error if it is less or equal.

[mickae1]

i just checked the compiler error one more time :

crypto/cmp/cmp_int.h:279:47: warning: "INT_MAX" is not defined [-Wundef]

if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX

the problem is that INT_MAX is not defined

[DDvO]

Then something must be wrong regarding the header file limits.h, which should define INT_MAX. cmp_int.h includes ossl_typ.h, which should include limits.h. I just found that this is the case only since OpenSSL 1.1.0-pre2.

Which version of OpenSSL are you compiling with? If it is anything before 1.1.0-pre2 (in particular, any 1.0.2*), I suggest as a workaround adding #include <limits.h> or using the gcc command-line argument -include limits.h.

Moreover, for compiling the CMP lib with OpenSSL 1.0.2 you will likely also need to add the following quirks (to the gcc command line or to CFLAGS): -Wno-discarded-qualifiers -Wno-incompatible-pointer-types -Wno-unused-parameter as meanwhile described in the Quick Start Guide.

[mickae1]

I'm not using openssl 1.0.2.

I'm using : OpenSSL 1.1.0f 25 May 2017

[DDvO]

Then I do not understand why MAX_INT is not defined in your case. How far do you get when you manually add limits.h as I suggested above?

[DDvO]

@mickae1, does this work for you now?

[DDvO]

Closing this due to missing response. Works for me.