Commit 750f03a3 authored by Nikos Mavrogiannopoulos's avatar Nikos Mavrogiannopoulos

Merge branch 'tmp-gitlab-ci-update' into 'master'

Added static analyzers and gnutls test suite

See merge request !3
parents 946565d8 52d65a14
Pipeline #18434823 passed with stage
in 37 minutes and 27 seconds
image: centos:7
before_script:
- yum install -y git make bison autoconf libtool automake gettext-devel glibc-devel gcc valgrind clang libasan-static libubsan
variables:
BUILD_IMAGES_PROJECT: gnutls/build-images
FEDORA_BUILD: buildenv-f26
FEDORA_X86_BUILD: buildenv-f26-x86
GET_SOURCES_ATTEMPTS: "3"
# See http://doc.gitlab.com/ce/ci/yaml/ for documentation.
Build and Check (x86-64):
x86-64:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- git submodule update --init && make autoreconf && ./configure --disable-doc && make -j4 && make -j4 check
- git submodule update --init && make autoreconf && ./configure --disable-doc && make -j$(nproc) && make -j$(nproc) check
except:
- tags
tags:
- shared
Build and Check (x86):
x86:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_X86_BUILD
script:
- yum install -y libgcc.i686 glibc-devel.i686
- git submodule update --init && make autoreconf &&
PKG_CONFIG_PATH="/usr/lib/pkgconfig/" CFLAGS="-O2 -g -m32" LDFLAGS="-m32" ./configure --build=i686-redhat-linux --target=i686-redhat-linux --disable-doc && make -j4 && make -j4 check
PKG_CONFIG_PATH="/usr/lib/pkgconfig/" CFLAGS="-O2 -g -m32" LDFLAGS="-m32" ./configure --build=i686-redhat-linux --target=i686-redhat-linux --disable-doc && make -j$(nproc) && make -j$(nproc) check
except:
- tags
tags:
- shared
Build and Check with clang:
clang:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- git submodule update --init && make autoreconf && CC=clang
./configure --disable-doc --disable-valgrind-tests && make -j4 && make check -j4
- git submodule update --init && make autoreconf && CC=clang
./configure --disable-doc --disable-valgrind-tests && make -j$(nproc) && make check -j$(nproc)
except:
- tags
tags:
- shared
Build and Check with asan:
asan:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- git submodule update --init && make autoreconf && CFLAGS="-fsanitize=address -g
-O2" LDFLAGS="-static-libasan" ./configure --disable-doc --disable-valgrind-tests && make -j4 && make check -j4
-O2" LDFLAGS="-static-libasan" ./configure --disable-doc --disable-valgrind-tests && make -j$(nproc) && make check -j$(nproc)
except:
- tags
tags:
- shared
Build and Check with ubsan:
image: fedora:24
ubsan:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- yum install -y git make autoconf libtool automake gettext-devel glibc-devel gcc valgrind clang libasan-static libubsan
- git submodule update --init && make autoreconf && CFLAGS="-fsanitize=undefined -fno-sanitize-recover -g
-O2" ./configure --disable-doc --disable-valgrind-tests && make -j4 && make check -j4
-O2" ./configure --disable-doc --disable-valgrind-tests && make -j$(nproc) && make check -j$(nproc)
tags:
- shared
except:
- tags
MinGW32:
image: fedora:24
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- dnf install -y wine.i686 mingw32-gcc util-linux
- mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc
......@@ -68,3 +76,41 @@ MinGW32:
- build/tests/*.log
- build/tests/*/*.log
gnutls:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- ./.bootstrap &&
- ./configure --disable-doc --prefix=/usr --libdir=/usr/lib64 &&
make -j$(nproc) && make install
- git clone --depth 1 --branch master https://gitlab.com/gnutls/gnutls.git gnutls-git
- cd gnutls-git && git submodule update --init && make autoreconf &&
./configure --disable-cxx --disable-guile --disable-doc && make -j$(nproc) &&
make -j $(nproc) check
tags:
- shared
except:
- tags
artifacts:
expire_in: 1 week
when: on_failure
paths:
- gnutls-git/guile/tests/*.log
- gnutls-git/tests/*.log
- gnutls-git/*.log
- gnutls-git/tests/*/*.log
- gnutls-git/tests/suite/*/*.log
static-analyzers:
image: $CI_REGISTRY/$BUILD_IMAGES_PROJECT:$FEDORA_BUILD
script:
- yum install -y git make autoconf libtool automake gettext-devel glibc-devel gcc valgrind clang libasan-static libubsan
- git submodule update --init && make autoreconf
- scan-build ./configure --disable-doc
- make -j$(nproc) syntax-check
- make -j$(nproc) -C gl
- make -j$(nproc) -C lib ASN1.lo
- scan-build --status-bugs -o scan-build-lib make -j$(nproc) -C lib
tags:
- shared
except:
- tags
......@@ -38,9 +38,13 @@ exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF = ^tests/TestIndef.p12$
exclude_file_name_regexp--sc_GPL_version = ^lib/libtasn1.h$$
exclude_file_name_regexp--sc_program_name = ^tests/|examples/
exclude_file_name_regexp--sc_prohibit_atoi_atof = ^src/asn1Coding.c|src/asn1Decoding.c$$
exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF = ^tests/crlf.cer|tests/TestIndef.p12$$
exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF = ^tests/.*.(cer|der|asn|txt|p12)|tests/TestIndef.p12|msvc/.*$$
exclude_file_name_regexp--sc_error_message_uppercase = ^tests/Test_tree.c$$
exclude_file_name_regexp--sc_unmarked_diagnostics = ^tests/Test_tree.c$$
exclude_file_name_regexp--sc_prohibit_undesirable_word_seq = ^msvc/.*$$
exclude_file_name_regexp--sc_trailing_blank = ^msvc/.*$$
exclude_file_name_regexp--sc_useless_cpp_parens = ^lib/libtasn1.h$$
exclude_file_name_regexp--sc_prohibit_intprops_without_use = ^lib/decoding.c$$
bootstrap-tools := autoconf,automake,libtool,bison
gpg_key_ID = b565716f
......
......@@ -5,7 +5,7 @@ in order to avoid having people working on the same thing.
Current list:
+ Audit the code
* Avoid the usage of any global state in array2tree or parser2tree
functions.
functions.
* Allow extracting the time in a reasonable format (e.g. time_t)
* C structure generation instead of a single array
* CHOICE in CHOICE (e.g., RDN in byName in ResponderID in OCSP) cannot
......
......@@ -15,7 +15,7 @@ This manual is for GNU Libtasn1
which is a library for Abstract Syntax Notation One (ASN.1) and
Distinguished Encoding Rules (DER) manipulation.
Copyright @copyright{} 2001-2015 Free Software Foundation, Inc.
Copyright @copyright{} 2001-2018 Free Software Foundation, Inc.
@quotation
Permission is granted to copy, distribute and/or modify this document
......
......@@ -1292,7 +1292,7 @@ asn1_der_coding (asn1_node element, const char *name, void *ider, int *len,
goto error;
}
max_len -= len2;
if (max_len >= 0)
if (max_len >= 0 && der)
memcpy (der + counter, p->value + len3, len2);
counter += len2;
move = RIGHT;
......
......@@ -306,7 +306,7 @@ asn1_get_octet_der (const unsigned char *der, int der_len,
}
/*-
/*-
* _asn1_get_time_der:
* @type: %ASN1_ETYPE_GENERALIZED_TIME or %ASN1_ETYPE_UTC_TIME
* @der: DER data to decode containing the time
......@@ -1049,7 +1049,7 @@ asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len,
if (ris == ASN1_SUCCESS)
ris =
extract_tag_der_recursive (p, der + counter, ider_len,
extract_tag_der_recursive (p, der + counter, ider_len,
&tag_len, &inner_tag_len, flags);
if (ris != ASN1_SUCCESS)
......@@ -1414,8 +1414,8 @@ asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len,
break;
case ASN1_ETYPE_ANY:
/* Check indefinite lenth method in an EXPLICIT TAG */
if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) && (p->type & CONST_TAG) &&
if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) && (p->type & CONST_TAG) &&
tag_len == 2 && (der[counter - 1] == 0x80))
indefinite = 1;
else
......@@ -1555,7 +1555,7 @@ cleanup:
*
* Fill the structure *@element with values of a DER encoding
* string. The structure must just be created with function
* asn1_create_element().
* asn1_create_element().
*
* Note that the *@element variable is provided as a pointer for
* historical reasons.
......@@ -2159,7 +2159,7 @@ static int append(uint8_t **dst, unsigned *dst_size, const unsigned char *src, u
* @ber_len: the total length occupied by BER (may be %NULL)
* @have_tag: whether a DER tag is included
*
* Decodes a BER encoded type. The output is an allocated value
* Decodes a BER encoded type. The output is an allocated value
* of the data. This decodes BER STRINGS only. Other types are
* decoded as DER.
*
......@@ -2361,7 +2361,7 @@ cleanup:
* @str_len: the length of the data
* @ber_len: the total length occupied by BER (may be %NULL)
*
* Decodes a BER encoded type. The output is an allocated value
* Decodes a BER encoded type. The output is an allocated value
* of the data. This decodes BER STRINGS only. Other types are
* decoded as DER.
*
......
......@@ -135,7 +135,7 @@ _asn1_convert_integer (const unsigned char *value, unsigned char *value_out,
* The last element in the list may be provided in @pcache, to avoid
* traversing the list, an expensive operation in long lists.
*
* On success it returns in @pcache the added element (which is the
* On success it returns in @pcache the added element (which is the
* tail in the list of added elements).
*/
int
......@@ -699,7 +699,7 @@ asn1_write_value (asn1_node node_root, const char *name,
* @len: number of bytes of *value: value[0]..value[len-1]. Initialy
* holds the sizeof value.
*
* Returns the value of one element inside a structure.
* Returns the value of one element inside a structure.
* If an element is OPTIONAL and this returns
* %ASN1_ELEMENT_NOT_FOUND, it means that this element wasn't present
* in the der encoding that created the structure. The first element
......@@ -772,7 +772,7 @@ asn1_read_value (asn1_node root, const char *name, void *ivalue, int *len)
* holds the sizeof value.
* @etype: The type of the value read (ASN1_ETYPE)
*
* Returns the type and value of one element inside a structure.
* Returns the type and value of one element inside a structure.
* If an element is OPTIONAL and this returns
* %ASN1_ELEMENT_NOT_FOUND, it means that this element wasn't present
* in the der encoding that created the structure. The first element
......
......@@ -393,9 +393,11 @@ asn1_delete_element (asn1_node structure, const char *element_name)
return asn1_delete_structure (&source_node);
}
#ifndef __clang_analyzer__
asn1_node
_asn1_copy_structure3 (asn1_node source_node)
{
/* FIXME: there may be a leak here */
asn1_node dest_node, p_s, p_d, p_d_prev;
int move;
......@@ -448,9 +450,17 @@ _asn1_copy_structure3 (asn1_node source_node)
}
}
while (p_s != source_node);
return dest_node;
}
#else
/* Non-production code */
asn1_node
_asn1_copy_structure3 (asn1_node source_node)
{
return NULL;
}
#endif /* __clang_analyzer__ */
static asn1_node
......
......@@ -164,8 +164,8 @@ main (int argc, char *argv[])
printf ("Cannot encode data (size %ld)\n", (long) size);
exit (1);
}
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
{
printf("DER encoded data differ!\n");
exit(1);
......
......@@ -56,7 +56,7 @@ static const struct tv tv[] = {
#define SSTR(x) sizeof(x)-1,x
static const struct tv ber[] = {
{ASN1_ETYPE_OCTET_STRING,
{ASN1_ETYPE_OCTET_STRING,
SSTR("\xa0\xa0"),
SSTR("\x24\x80\x04\x82\x00\x02\xa0\xa0\x00\x00")},
{ASN1_ETYPE_OCTET_STRING,
......
......@@ -144,8 +144,8 @@ main (int argc, char *argv[])
printf ("Cannot encode data (size %ld)\n", (long) size);
exit (1);
}
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
{
printf("DER encoded data differ!\n");
exit(1);
......@@ -170,8 +170,8 @@ main (int argc, char *argv[])
printf ("Cannot encode data (size %ld)\n", (long) size);
exit (1);
}
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
if (size2 != size || memcmp(buffer, buffer2, size) != 0)
{
printf("DER encoded data differ!\n");
exit(1);
......
......@@ -106,8 +106,6 @@ main (int argc, char** argv)
exit (1);
}
len = sizeof(data);
result = asn1_read_value(node1, "tbsResponseData.responderID.byKey", data, &len);
if (result != ASN1_SUCCESS)
......
......@@ -939,7 +939,7 @@ pkcs-7-ContentInfo ::= SEQUENCE {
pkcs-7-DigestInfo ::= SEQUENCE {
digestAlgorithm AlgorithmIdentifier,
digest OCTET STRING
digest OCTET STRING
}
pkcs-7-SignedData ::= SEQUENCE {
......@@ -948,7 +948,7 @@ pkcs-7-SignedData ::= SEQUENCE {
encapContentInfo pkcs-7-EncapsulatedContentInfo,
certificates [0] IMPLICIT pkcs-7-CertificateSet OPTIONAL,
crls [1] IMPLICIT pkcs-7-CertificateRevocationLists OPTIONAL,
signerInfos pkcs-7-SignerInfos
signerInfos pkcs-7-SignerInfos
}
pkcs-7-DigestAlgorithmIdentifiers ::= SET OF AlgorithmIdentifier
......@@ -1263,7 +1263,7 @@ ResponseData ::= SEQUENCE {
ResponderID ::= CHOICE {
-- Changed to work with the libtasn1 parser.
byName [1] EXPLICIT RDNSequence, --Name
byKey [2] EXPLICIT OCTET STRING --SHA-1 hash of responder's public key
byKey [2] EXPLICIT OCTET STRING --SHA-1 hash of responder's public key
}
CertID ::= SEQUENCE {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment