Bug 2166632

Summary: cryptobone: C99 compatibility issues
Product: [Fedora] Fedora Reporter: Florian Weimer <fweimer>
Component: cryptoboneAssignee: Ralf Senderek <innovation>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: innovation
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-02-05 13:57:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2137512    

Description Florian Weimer 2023-02-02 13:24:50 UTC 
The Fedora build logs show a bunch of implicit function declarations:

gcc -D__UNIX__ -DNDEBUG -I. -DDATA_LITTLEENDIAN -fPIE -DHAS_RECURSIVE_MUTEX -DHAS_ROBUST_MUTEX -O2 -Wno-pointer-sign -Wno-strict-aliasing -fwrapv -fno-delete-null-pointer-checks -fstack-protector-strong -D_FORTIFY_SOURCE=2 -fomit-frame-pointer -D_REENTRANT -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64  -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -Wl,-rpath,/usr/lib/cryptobone -L. -o cryptoboned cryptoboned.c -l:libclr.so.3.4.5 -lbsd; chmod 700 cryptoboned
cryptoboned.c: In function 'b64encode':
cryptoboned.c:186:26: warning: implicit declaration of function 'base64encode'; did you mean 'b64encode'? [-Wimplicit-function-declaration]
  186 |                 status = base64encode(dest, 2*PGP_MAXBUF, destBytes, src, len-2, CRYPT_CERTTYPE_NONE);
      |                          ^~~~~~~~~~~~
      |                          b64encode
cryptoboned.c: In function 'b64decode':
cryptoboned.c:254:21: warning: implicit declaration of function 'base64decode'; did you mean 'b64decode'? [-Wimplicit-function-declaration]
  254 |            status = base64decode(dest, 2*PGP_MAXBUF, destBytes, src, len-4, CRYPT_CERTTYPE_NONE);
      |                     ^~~~~~~~~~~~
      |                     b64decode
cryptoboned.c: In function 'pgp_check_crypto':
cryptoboned.c:559:12: warning: implicit declaration of function 'strlcpy'; did you mean 'strncpy'? [-Wimplicit-function-declaration]
  559 |            strlcpy(PGP_password,"12345",6);
      |            ^~~~~~~
      |            strncpy
cryptoboned.c: In function 'get_keys':
cryptoboned.c:899:22: warning: implicit declaration of function 'strlcat'; did you mean 'strncat'? [-Wimplicit-function-declaration]
  899 |                      strlcat(values,key,MAXINPUT);
      |                      ^~~~~~~
      |                      strncat

Due to these issues, the package will eventually fail to build in Fedora and with future GCC and Clang releases.

It's not entirely clear to me how to best address these issues. It seems that base64encode etc. are internal cryptlib functions not intended to be used outside of cryptlib?
Comment 1 Ralf Senderek 2023-02-03 17:48:17 UTC 
The issue concerning strlcpy and strlcat can easily been resolved by adding a single include to the source files cryptoboned.c, cryptoboneexternd.c and initdatabase.c .

#include <bsd/string.h>

The issues with base64encode and base64decode will be resolved adding a new header file in which these two functions are being declared:

#include "armor.h"


> cat armor.h

#define OUT_LENGTH_BOUNDED_Z( length )
#define OUT_DATALENGTH_Z 
#define IN_DATALENGTH_MIN( min )
#define IN_ENUM_OPT( name )
#define IN_BUFFER
#define OUT_BUFFER

/*** Declaration of base64encode and base64decode ***/

#define BYTE unsigned char

int base64encode( OUT_BUFFER char *dest,  
                                  IN_DATALENGTH_MIN( 10 ) const int destMaxLen,
                                  OUT_LENGTH_BOUNDED_Z( destMaxLen ) int *destLen,
                                  IN_BUFFER const void *src, 
                                  IN_DATALENGTH_MIN( 10 ) const int srcLen, 
                                  IN_ENUM_OPT( CRYPT_CERTTYPE ) \
                                        const CRYPT_CERTTYPE_TYPE certType );

int base64decode( OUT_BUFFER void *dest,
                                  IN_DATALENGTH_MIN( 10 ) const int destMaxLen,
                                  OUT_DATALENGTH_Z int *destLen,
                                  IN_BUFFER const BYTE *src,
                                  IN_DATALENGTH_MIN( 10 ) const int srcLen, 
                                  IN_ENUM_OPT( CRYPT_CERTFORMAT ) \
                                        const CRYPT_CERTFORMAT_TYPE format );



These changes will soon land in RAWHIDE after testing. 

Ralf
Comment 2 Ralf Senderek 2023-02-03 17:50:56 UTC 
A scratch build for f38 can be found here:


    https://koji.fedoraproject.org/koji/taskinfo?taskID=97057825

Ralf
Comment 3 Florian Weimer 2023-02-03 18:18:24 UTC 
(In reply to Ralf Senderek from comment #2)
> A scratch build for f38 can be found here:
> 
> 
>     https://koji.fedoraproject.org/koji/taskinfo?taskID=97057825

Thank you! I resubmitted this source RPM as a scratch build against the instrumented f38-toolchain buildroot: https://koji.fedoraproject.org/koji/taskinfo?taskID=97058607

As the build succeeded, all C99 compatibility issues that we currently track have been addressed.
Comment 4 Ralf Senderek 2023-02-05 13:57:50 UTC 
The changes that resolve this bug report are now in RAWHIDE.

Ralf


Real build:

https://koji.fedoraproject.org/koji/taskinfo?taskID=97142395