| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Jan 2019 17:30:34 -0600
From: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To: Kees Cook <keescook@...omium.org>
Cc: LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] lib: zstd: Mark expected switch fall-throughs
On 1/30/19 1:58 AM, Kees Cook wrote:
> On Wed, Jan 30, 2019 at 12:34 PM Gustavo A. R. Silva
> <gustavo@...eddedor.com> wrote:
>>
>> In preparation to enabling -Wimplicit-fallthrough, mark switch
>> cases where we are expecting to fall through.
>>
>> This patch fixes the following warnings:
>>
>> lib/zstd/bitstream.h:261:30: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/bitstream.h:262:30: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/bitstream.h:263:30: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/bitstream.h:264:30: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/bitstream.h:265:30: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/compress.c:3183:16: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/decompress.c:1770:18: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/decompress.c:2376:15: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/decompress.c:2404:15: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/decompress.c:2435:16: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> lib/zstd/huf_compress.c: In function ‘HUF_compress1X_usingCTable’:
>> lib/zstd/huf_compress.c:535:5: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> if (sizeof((stream)->bitContainer) * 8 < HUF_TABLELOG_MAX * 4 + 7) \
>> ^
>> lib/zstd/huf_compress.c:558:54: note: in expansion of macro ‘HUF_FLUSHBITS_2’
>> case 3: HUF_encodeSymbol(&bitC, ip[n + 2], CTable); HUF_FLUSHBITS_2(&bitC);
>> ^~~~~~~~~~~~~~~
>> lib/zstd/huf_compress.c:559:2: note: here
>> case 2: HUF_encodeSymbol(&bitC, ip[n + 1], CTable); HUF_FLUSHBITS_1(&bitC);
>> ^~~~
>> lib/zstd/huf_compress.c:531:5: warning: this statement may fall through [-Wimplicit-fallthrough=]
>> if (sizeof((stream)->bitContainer) * 8 < HUF_TABLELOG_MAX * 2 + 7) \
>> ^
>> lib/zstd/huf_compress.c:559:54: note: in expansion of macro ‘HUF_FLUSHBITS_1’
>> case 2: HUF_encodeSymbol(&bitC, ip[n + 1], CTable); HUF_FLUSHBITS_1(&bitC);
>> ^~~~~~~~~~~~~~~
>> lib/zstd/huf_compress.c:560:2: note: here
>> case 1: HUF_encodeSymbol(&bitC, ip[n + 0], CTable); HUF_FLUSHBITS(&bitC);
>> ^~~~
>> AR lib/zstd//built-in.a
>>
>> Warning level 3 was used: -Wimplicit-fallthrough=3
>>
>> This patch is part of the ongoing efforts to enabling -Wimplicit-fallthrough.
>>
>> Signed-off-by: Gustavo A. R. Silva <gustavo@...eddedor.com>
>> ---
>> lib/zstd/bitstream.h | 5 +++++
>> lib/zstd/compress.c | 1 +
>> lib/zstd/decompress.c | 5 ++++-
>> lib/zstd/huf_compress.c | 2 ++
>> 4 files changed, 12 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/zstd/bitstream.h b/lib/zstd/bitstream.h
>> index a826b99e1d63..3a49784d5c61 100644
>> --- a/lib/zstd/bitstream.h
>> +++ b/lib/zstd/bitstream.h
>> @@ -259,10 +259,15 @@ ZSTD_STATIC size_t BIT_initDStream(BIT_DStream_t *bitD, const void *srcBuffer, s
>> bitD->bitContainer = *(const BYTE *)(bitD->start);
>> switch (srcSize) {
>> case 7: bitD->bitContainer += (size_t)(((const BYTE *)(srcBuffer))[6]) << (sizeof(bitD->bitContainer) * 8 - 16);
>> + /* fall through */
>> case 6: bitD->bitContainer += (size_t)(((const BYTE *)(srcBuffer))[5]) << (sizeof(bitD->bitContainer) * 8 - 24);
>> + /* fall through */
>> case 5: bitD->bitContainer += (size_t)(((const BYTE *)(srcBuffer))[4]) << (sizeof(bitD->bitContainer) * 8 - 32);
>> + /* fall through */
>> case 4: bitD->bitContainer += (size_t)(((const BYTE *)(srcBuffer))[3]) << 24;
>> + /* fall through */
>> case 3: bitD->bitContainer += (size_t)(((const BYTE *)(srcBuffer))[2]) << 16;
>> + /* fall through */
>> case 2: bitD->bitContainer += (size_t)(((const BYTE *)(srcBuffer))[1]) << 8;
>> default:;
>> }
>> diff --git a/lib/zstd/compress.c b/lib/zstd/compress.c
>> index f9166cf4f7a9..5e0b67003e55 100644
>> --- a/lib/zstd/compress.c
>> +++ b/lib/zstd/compress.c
>> @@ -3182,6 +3182,7 @@ static size_t ZSTD_compressStream_generic(ZSTD_CStream *zcs, void *dst, size_t *
>> zcs->outBuffFlushedSize = 0;
>> zcs->stage = zcss_flush; /* pass-through to flush stage */
>> }
>> + /* fall through */
>
> Perhaps reword the existing comment and move it down?
>
>>
>> case zcss_flush: {
>> size_t const toFlush = zcs->outBuffContentSize - zcs->outBuffFlushedSize;
>> diff --git a/lib/zstd/decompress.c b/lib/zstd/decompress.c
>> index b17846725ca0..269ee9a796c1 100644
>> --- a/lib/zstd/decompress.c
>> +++ b/lib/zstd/decompress.c
>> @@ -1768,6 +1768,7 @@ size_t ZSTD_decompressContinue(ZSTD_DCtx *dctx, void *dst, size_t dstCapacity, c
>> return 0;
>> }
>> dctx->expected = 0; /* not necessary to copy more */
>> + /* fall through */
>>
>> case ZSTDds_decodeFrameHeader:
>> memcpy(dctx->headerBuffer + ZSTD_frameHeaderSize_prefix, src, dctx->expected);
>> @@ -2375,7 +2376,7 @@ size_t ZSTD_decompressStream(ZSTD_DStream *zds, ZSTD_outBuffer *output, ZSTD_inB
>> }
>> zds->stage = zdss_read;
>> }
>> - /* pass-through */
>> + /* fall through */
>>
>> case zdss_read: {
>> size_t const neededInSize = ZSTD_nextSrcSizeToDecompress(zds->dctx);
>> @@ -2404,6 +2405,7 @@ size_t ZSTD_decompressStream(ZSTD_DStream *zds, ZSTD_outBuffer *output, ZSTD_inB
>> zds->stage = zdss_load;
>> /* pass-through */
>> }
>> + /* fall through */
>
> Same ("pass-through" exists a couple lines up)
>
>>
>> case zdss_load: {
>> size_t const neededInSize = ZSTD_nextSrcSizeToDecompress(zds->dctx);
>> @@ -2436,6 +2438,7 @@ size_t ZSTD_decompressStream(ZSTD_DStream *zds, ZSTD_outBuffer *output, ZSTD_inB
>> /* pass-through */
>> }
>> }
>> + /* fall through */
>
> Same
Yeah. The thing is that the pass-though comment is embedded in two nested blocks of code. And GCC triggers
a warning if the fall-through comments are not placed at the very bottom of the case statement (some people
dislike this 'feature').
That's the reason why I didn't want to change any of the pass-through comments, and instead added the
fall-through comments at the bottom of every case.
What do you think about this 'feature'?
>
>>
>> case zdss_flush: {
>> size_t const toFlushSize = zds->outEnd - zds->outStart;
>> diff --git a/lib/zstd/huf_compress.c b/lib/zstd/huf_compress.c
>> index 40055a7016e6..e727812d12aa 100644
>> --- a/lib/zstd/huf_compress.c
>> +++ b/lib/zstd/huf_compress.c
>> @@ -556,7 +556,9 @@ size_t HUF_compress1X_usingCTable(void *dst, size_t dstSize, const void *src, si
>> n = srcSize & ~3; /* join to mod 4 */
>> switch (srcSize & 3) {
>> case 3: HUF_encodeSymbol(&bitC, ip[n + 2], CTable); HUF_FLUSHBITS_2(&bitC);
>> + /* fall through */
>> case 2: HUF_encodeSymbol(&bitC, ip[n + 1], CTable); HUF_FLUSHBITS_1(&bitC);
>> + /* fall through */
>> case 1: HUF_encodeSymbol(&bitC, ip[n + 0], CTable); HUF_FLUSHBITS(&bitC);
>> case 0:
>> default:;
>> --
>> 2.20.1
>>
>
> Otherwise, yup, looks good.
>
> Reviewed-by: Kees Cook <keescook@...omium.org>
>
Thanks
--
Gustavo
Powered by blists - more mailing lists