From a7f0c92c0d6478a9e9a4424f3d63600fb8d6b5c1 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 3 Aug 2022 12:30:29 -0500 Subject: [PATCH 1/2] src/internal.c: in GetCipherKeaStr(), when gcc-12 or higher and `__SANITIZE_ADDRESS__`, wrap in a pragma to ignore -Wstringop-overread, due to false positives. --- src/internal.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/internal.c b/src/internal.c index 664fdf074..50f474d9a 100644 --- a/src/internal.c +++ b/src/internal.c @@ -22927,6 +22927,15 @@ const char* GetCipherSegment(const WOLFSSL_CIPHER* cipher, char n[][MAX_SEGMENT_ return name; } +/* gcc-12 and later, building with ASAN at -O2 and higher, generate spurious + * stringop-overread warnings on some (but not all...) reads of n[1] in + * GetCipherKeaStr(). + */ +#if defined(__GNUC__) && __GNUC__ > 11 && defined(__SANITIZE_ADDRESS__) +PRAGMA_GCC_DIAG_PUSH +PRAGMA_GCC("GCC diagnostic ignored \"-Wstringop-overread\"") +#endif + const char* GetCipherKeaStr(char n[][MAX_SEGMENT_SZ]) { const char* keaStr = NULL; @@ -22957,6 +22966,9 @@ const char* GetCipherKeaStr(char n[][MAX_SEGMENT_SZ]) { return keaStr; } +#if defined(__GNUC__) && __GNUC__ > 11 && defined(__SANITIZE_ADDRESS__) +PRAGMA_GCC_DIAG_POP +#endif const char* GetCipherAuthStr(char n[][MAX_SEGMENT_SZ]) { From 6e8417e6315a2f7a414b77565e9e60734e9b02cf Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 3 Aug 2022 12:30:45 -0500 Subject: [PATCH 2/2] wolfssl/wolfcrypt/blake2-int.h: remove alignment specs on __blake2s_state and __blake2b_state, as they are unneeded, and are not honored by gcc-12+ in stack allocations, leading to (true positive) misaligned-access errors from ASAN. --- wolfssl/wolfcrypt/blake2-int.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfssl/wolfcrypt/blake2-int.h b/wolfssl/wolfcrypt/blake2-int.h index e10fedbab..5626e1bbf 100644 --- a/wolfssl/wolfcrypt/blake2-int.h +++ b/wolfssl/wolfcrypt/blake2-int.h @@ -77,7 +77,7 @@ byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */ } blake2s_param; - typedef struct ALIGN32 __blake2s_state + typedef struct __blake2s_state { word32 h[8]; word32 t[2]; @@ -102,7 +102,7 @@ byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */ } blake2b_param; - typedef struct ALIGN64 __blake2b_state + typedef struct __blake2b_state { word64 h[8]; word64 t[2];