Closed mickae1 closed 5 years ago
Interesting to see this precaution check fail in practice. The above error is shown in the following case:
#define OSSL_CMP_PKIFAILUREINFO_MAX 26
#define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \
( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)
#if OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX
so INT_MAX
is wrongly defined in your header files or sizeof(int) is < 4 in your target architecture or the calculation of OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN
goes wrong in your compiler. Can you check these three values?
`#include
int main() {
printf("The number of bits in a byte %d\n", CHAR_BIT);
printf("The minimum value of SIGNED CHAR = %d\n", SCHAR_MIN); printf("The maximum value of SIGNED CHAR = %d\n", SCHAR_MAX); printf("The maximum value of UNSIGNED CHAR = %d\n", UCHAR_MAX);
printf("The minimum value of SHORT INT = %d\n", SHRT_MIN); printf("The maximum value of SHORT INT = %d\n", SHRT_MAX);
printf("The minimum value of INT = %d\n", INT_MIN); printf("The maximum value of INT = %d\n", INT_MAX);
printf("The minimum value of CHAR = %d\n", CHAR_MIN); printf("The maximum value of CHAR = %d\n", CHAR_MAX);
printf("The minimum value of LONG = %ld\n", LONG_MIN); printf("The maximum value of LONG = %ld\n", LONG_MAX);
return(0); }`
the result: The number of bits in a byte 8 The minimum value of SIGNED CHAR = -128 The maximum value of SIGNED CHAR = 127 The maximum value of UNSIGNED CHAR = 255 The minimum value of SHORT INT = -32768 The maximum value of SHORT INT = 32767 The minimum value of INT = -2147483648 The maximum value of INT = 2147483647 The minimum value of CHAR = 0 The maximum value of CHAR = 255 The minimum value of LONG = -2147483648 The maximum value of LONG = 2147483647
So your sizeof(int)
is 4, which is sufficient, and thus the error should be a false positive.
I suggest you compile the following and report its outcome.
#define OSSL_CMP_PKIFAILUREINFO_MAX 26
#define OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN \
( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)
printf("INT_MAX=%x, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN=%x, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX=%d\n,
INT_MAX, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX);
Since the value of INT_MAX
is fine, the preprocessor of your compiler must get the value of the expression ((1<<(26+1)) - 1)
or the comparison OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX
wrong. Will be interesting to set what its result is.
Hi,
I've tested:
printf("test1 %d\n", ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1) ); printf("test2 %d\n", (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) ); printf("test3 %d\n", 1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1) ); printf("test4 %d\n", (OSSL_CMP_PKIFAILUREINFO_MAX+1) );
the result;
test1 134217727 test2 134217728 test3 134217728 test4 27
On Fri, Feb 8, 2019 at 5:28 AM David von Oheimb notifications@github.com wrote:
Since the value of INT_MAX is fine, the preprocessor of your compiler must get the value of the expression ((1<<(26+1)) - 1) or the comparison OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN
INT_MAX wrong. Will be interesting to set what its result is.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mpeylo/cmpossl/issues/156#issuecomment-461686959, or mute the thread https://github.com/notifications/unsubscribe-auth/AEB2COqf901DMmzaKfHHFr6nAYdhKsKtks5vLPzYgaJpZM4aiwHW .
It is normal that 1 << 27 gives : 134217728
On Fri, Feb 8, 2019 at 9:10 AM Micka mickamusset@gmail.com wrote:
Hi,
I've tested:
printf("test1 %d\n", ( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1) ); printf("test2 %d\n", (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) ); printf("test3 %d\n", 1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1) ); printf("test4 %d\n", (OSSL_CMP_PKIFAILUREINFO_MAX+1) );
the result;
test1 134217727 test2 134217728 test3 134217728 test4 27
On Fri, Feb 8, 2019 at 5:28 AM David von Oheimb notifications@github.com wrote:
Since the value of INT_MAX is fine, the preprocessor of your compiler must get the value of the expression ((1<<(26+1)) - 1) or the comparison OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN
INT_MAX wrong. Will be interesting to set what its result is.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/mpeylo/cmpossl/issues/156#issuecomment-461686959, or mute the thread https://github.com/notifications/unsubscribe-auth/AEB2COqf901DMmzaKfHHFr6nAYdhKsKtks5vLPzYgaJpZM4aiwHW .
and the result of your questions: INT_MAX=7fffffff, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN=7ffffff, OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN > INT_MAX=0
I don't understand how your test could pass before .....
So your compiler did the calculations right.
I don't understand why you apparently got the error "CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int", since OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN =< INT_MAX
holds.
because it is < and not <= !
( (1<<(OSSL_CMP_PKIFAILUREINFO_MAX+1)) - 1)
On Fri, Feb 8, 2019 at 3:15 PM David von Oheimb notifications@github.com wrote:
So your compiler did the calculations right. I don't understand why you apparently got the error "CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int", since OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN =< INT_MAX holds.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.
No, note that the printed value of OSSL_CMP_PKIFAILUREINFO_MAX_BIT_PATTERN has one 'f' less than INT_MAX and thus is much smaller (which was expected), and the error occurs if it is larger, so no error if it is less or equal.
i just checked the compiler error one more time :
crypto/cmp/cmp_int.h:279:47: warning: "INT_MAX" is not defined [-Wundef]
the problem is that INT_MAX is not defined
Then something must be wrong regarding the header file limits.h
, which should define INT_MAX
.
cmp_int.h
includes ossl_typ.h
, which should include limits.h
.
I just found that this is the case only since OpenSSL 1.1.0-pre2.
Which version of OpenSSL are you compiling with?
If it is anything before 1.1.0-pre2 (in particular, any 1.0.2*), I suggest as a workaround adding #include <limits.h>
or using the gcc command-line argument -include limits.h
.
Moreover, for compiling the CMP lib with OpenSSL 1.0.2 you will likely also need to add the following quirks (to the gcc command line or to CFLAGS
): -Wno-discarded-qualifiers -Wno-incompatible-pointer-types -Wno-unused-parameter
as meanwhile described in the Quick Start Guide.
I'm not using openssl 1.0.2.
I'm using : OpenSSL 1.1.0f 25 May 2017
Then I do not understand why MAX_INT
is not defined in your case.
How far do you get when you manually add limits.h
as I suggested above?
@mickae1, does this work for you now?
Closing this due to missing response. Works for me.
Hi, when i tried to compile, I've this error
`crypto/cmp/cmp_int.h:280:3: error: #error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int
error CMP_PKIFAILUREINFO_MAX bit pattern does not fit in type int
^ In file included from ././include_cmp/openssl/crmf.h:42:0, from:0:
crypto/cmp/cmp_int.h: In function 'sk_OSSL_CMP_REVDETAILS_delete_ptr':
./include_cmp/openssl/safestack_backport.h:97:44: warning: passing argument 2 of 'sk_delete_ptr' discards 'const' qualifier from pointer target type
(const void *)ptr); `