Quiet warnings for stricter compilers configurations (#84)
Fix warnings from -Wcast-qual and -Wstrict-prototypes.
A few other warning fixes and documentation improvements are added.
Also fixes Makefile so the before-release build script can invoke both gcc and clang. That script is here: laurencelundblade/qdv@536f083
This is an alternative to #79. It does not fix warnings for -Wbad-function-cast
because those fixes cause warnings with other compilers (MacOS clang). This doesn't enable GitHub automated build checks. The plan is to do that separately.
diff --git a/Makefile b/Makefile
index 805e702..f7e2e8c 100644
--- a/Makefile
+++ b/Makefile
@@ -1,22 +1,27 @@
# Makefile -- UNIX-style make for qcbor as a lib and command line test
#
-# Copyright (c) 2018-2020, Laurence Lundblade. All rights reserved.
+# Copyright (c) 2018-2021, Laurence Lundblade. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
# See BSD-3-Clause license in README.md
#
-CC=cc
-#CC=/usr/local/bin/gcc-9
+# The math library is needed for floating-point support. To
+# avoid need for it #define QCBOR_DISABLE_FLOAT_HW_USE
LIBS=-lm
-CFLAGS=$(CMD_LINE) -I inc -I test -Os -fPIC
-# The following are used before a release of QCBOR help to make sure
-# the code compiles and runs in the most strict environments, but not
-# all compilers support them so they are not turned on.
-#CFLAGS=-I inc -I test -Os -fpic -Wall -pedantic-errors -Wextra -Wshadow -Wparentheses -Wconversion -xc -std=c99
+
+# The QCBOR makefile uses a minimum of compiler flags so that it will
+# work out-of-the-box with a wide variety of compilers. For example,
+# some compiler error out on some of the warnings flags available with
+# gcc. The $(CMD_LINE) variable allows passing in extra flags. This is
+# used on the stringent build script that is in
+# https://github.com/laurencelundblade/qdv. This script is used
+# before pushes to master (though not yet through and automated build
+# process)
+CFLAGS=$(CMD_LINE) -I inc -I test -Os -fPIC
QCBOR_OBJ=src/UsefulBuf.o src/qcbor_encode.o src/qcbor_decode.o src/ieee754.o src/qcbor_err_to_str.o
@@ -37,6 +42,7 @@
libqcbor.a: $(QCBOR_OBJ)
ar -r $@ $^
+
# The shared library is not made by default because of platform
# variability For example MacOS and Linux behave differently and some
# IoT OS's don't support them at all.
diff --git a/inc/qcbor/UsefulBuf.h b/inc/qcbor/UsefulBuf.h
index 7506c82..6dfacdf 100644
--- a/inc/qcbor/UsefulBuf.h
+++ b/inc/qcbor/UsefulBuf.h
@@ -41,6 +41,7 @@
when who what, where, why
-------- ---- --------------------------------------------------
+ 3/6/2021 mcr/llundblade Fix warnings related to --Wcast-qual
2/17/2021 llundblade Add method to go from a pointer to an offset.
1/25/2020 llundblade Add some casts so static anlyzers don't complain.
5/21/2019 llundblade #define configs for efficient endianness handling.
@@ -377,6 +378,14 @@
@param[in] UBC The @ref UsefulBuf to convert.
@return A non-const @ref UsefulBuf struct.
+
+ It is better to avoid use of this. The intended convention for
+ UsefulBuf is to make an empty buffer, some memory, as a UsefulBuf,
+ fill it in, and then make it a UsefulBufC. In that convension this
+ function is not needed.
+
+ This is an explicit way to quiet compiler warnings from
+ -Wcast-qual.
*/
static inline UsefulBuf UsefulBuf_Unconst(const UsefulBufC UBC);
@@ -606,7 +615,7 @@
static inline size_t UsefulBuf_PointerToOffset(UsefulBufC UB, const void *p);
-#if 1 // NOT_DEPRECATED
+#ifndef USEFULBUF_DISABLE_DEPRECATED
/** Deprecated macro; use @ref UsefulBuf_FROM_SZ_LITERAL instead */
#define SZLiteralToUsefulBufC(szString) \
((UsefulBufC) {(szString), sizeof(szString)-1})
@@ -623,9 +632,13 @@
/** Deprecated function; use UsefulBuf_Unconst() instead */
static inline UsefulBuf UsefulBufC_Unconst(const UsefulBufC UBC)
{
+ // See UsefulBuf_Unconst() implementation for comment on pragmas
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wcast-qual"
return (UsefulBuf){(void *)UBC.ptr, UBC.len};
+#pragma GCC diagnostic pop
}
-#endif
+#endif /* USEFULBUF_DISABLE_DEPRECATED */
@@ -1597,10 +1610,15 @@
return (UsefulBufC){UB.ptr, UB.len};
}
-
static inline UsefulBuf UsefulBuf_Unconst(const UsefulBufC UBC)
{
+ /* -Wcast-qual is a good warning flag to use in general. This is
+ * the one place in UsefulBuf where it needs to be quieted. Since
+ * clang supports GCC pragmas, this works for clang too. */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wcast-qual"
return (UsefulBuf){(void *)UBC.ptr, UBC.len};
+#pragma GCC diagnostic pop
}
@@ -1647,7 +1665,7 @@
} else if(UB.ptr == NULL) {
ReturnValue = (UsefulBufC){NULL, UB.len - uAmount};
} else {
- ReturnValue = (UsefulBufC){(uint8_t *)UB.ptr + uAmount, UB.len - uAmount};
+ ReturnValue = (UsefulBufC){(const uint8_t *)UB.ptr + uAmount, UB.len - uAmount};
}
return ReturnValue;
@@ -1666,7 +1684,7 @@
}
// Cast to size_t (from ptrdiff_t) is OK because of check above
- const size_t uOffset = (size_t)((uint8_t *)p - (uint8_t *)UB.ptr);
+ const size_t uOffset = (size_t)((const uint8_t *)p - (const uint8_t *)UB.ptr);
if(uOffset >= UB.len) {
/* given pointer is off the end of the buffer */
@@ -2067,7 +2085,7 @@
// The ternery operator is subject to integer promotion, because the
// operands are smaller than int, so cast back to uint8_t is needed
// to be completely explicit about types (for static analyzers)
- return (uint8_t)(pResult ? *(uint8_t *)pResult : 0);
+ return (uint8_t)(pResult ? *(const uint8_t *)pResult : 0);
}
static inline uint16_t UsefulInputBuf_GetUint16(UsefulInputBuf *pMe)
diff --git a/inc/qcbor/qcbor_encode.h b/inc/qcbor/qcbor_encode.h
index 2460897..884ddaa 100644
--- a/inc/qcbor/qcbor_encode.h
+++ b/inc/qcbor/qcbor_encode.h
@@ -1,6 +1,6 @@
/*==============================================================================
Copyright (c) 2016-2018, The Linux Foundation.
- Copyright (c) 2018-2020, Laurence Lundblade.
+ Copyright (c) 2018-2021, Laurence Lundblade.
All rights reserved.
Redistribution and use in source and binary forms, with or without
@@ -1722,6 +1722,8 @@
@param[out] pEncodedCBOR Structure in which the pointer and length of the encoded
CBOR is returned.
+ @retval QCBOR_SUCCESS Encoded CBOR is returned.
+
@retval QCBOR_ERR_TOO_MANY_CLOSES Nesting error
@retval QCBOR_ERR_CLOSE_MISMATCH Nesting error
diff --git a/src/UsefulBuf.c b/src/UsefulBuf.c
index a96f74e..e5be98a 100644
--- a/src/UsefulBuf.c
+++ b/src/UsefulBuf.c
@@ -1,6 +1,6 @@
/*==============================================================================
Copyright (c) 2016-2018, The Linux Foundation.
- Copyright (c) 2018-2020, Laurence Lundblade.
+ Copyright (c) 2018-2021, Laurence Lundblade.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
@@ -41,6 +41,7 @@
when who what, where, why
-------- ---- ---------------------------------------------------
+ 3/6/2021 mcr/llundblade Fix warnings related to --Wcast-qual
01/28/2020 llundblade Refine integer signedness to quiet static analysis.
01/08/2020 llundblade Documentation corrections & improved code formatting.
11/08/2019 llundblade Re check pointer math and update comments
@@ -106,12 +107,12 @@
return 0;
}
- const uint8_t * const pEnd = (uint8_t *)UB.ptr + UB.len;
+ const uint8_t * const pEnd = (const uint8_t *)UB.ptr + UB.len;
for(const uint8_t *p = UB.ptr; p < pEnd; p++) {
if(*p != uValue) {
/* Byte didn't match */
/* Cast from signed to unsigned . Safe because the loop increments.*/
- return (size_t)(p - (uint8_t *)UB.ptr);
+ return (size_t)(p - (const uint8_t *)UB.ptr);
}
}
@@ -130,7 +131,7 @@
}
for(size_t uPos = 0; uPos <= BytesToSearch.len - BytesToFind.len; uPos++) {
- if(!UsefulBuf_Compare((UsefulBufC){((uint8_t *)BytesToSearch.ptr) + uPos, BytesToFind.len}, BytesToFind)) {
+ if(!UsefulBuf_Compare((UsefulBufC){((const uint8_t *)BytesToSearch.ptr) + uPos, BytesToFind.len}, BytesToFind)) {
return uPos;
}
}
@@ -358,7 +359,7 @@
}
// This is going to succeed
- const void * const result = ((uint8_t *)pMe->UB.ptr) + pMe->cursor;
+ const void * const result = ((const uint8_t *)pMe->UB.ptr) + pMe->cursor;
// Will not overflow because of check using UsefulInputBuf_BytesAvailable()
pMe->cursor += uAmount;
return result;
diff --git a/src/qcbor_decode.c b/src/qcbor_decode.c
index b46908d..6b63eaa 100644
--- a/src/qcbor_decode.c
+++ b/src/qcbor_decode.c
@@ -46,12 +46,6 @@
-/*
- * This casts away the const-ness of a pointer, usually so it can be
- * freed or realloced.
- */
-#define UNCONST_POINTER(ptr) ((void *)(ptr))
-
#define SIZEOF_C_ARRAY(array,type) (sizeof(array)/sizeof(type))
@@ -504,19 +498,30 @@
===========================================================================*/
static inline void
-StringAllocator_Free(const QCBORInternalAllocator *pMe, void *pMem)
+StringAllocator_Free(const QCBORInternalAllocator *pMe, const void *pMem)
{
- (pMe->pfAllocator)(pMe->pAllocateCxt, pMem, 0);
+ /* These pragmas allow the "-Wcast-qual" warnings flag to be set for
+ * gcc and clang. This is the one place where the const needs to be
+ * cast away so const can be use in the rest of the code.
+ */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wcast-qual"
+ (pMe->pfAllocator)(pMe->pAllocateCxt, (void *)pMem, 0);
+#pragma GCC diagnostic pop
}
// StringAllocator_Reallocate called with pMem NULL is
// equal to StringAllocator_Allocate()
static inline UsefulBuf
StringAllocator_Reallocate(const QCBORInternalAllocator *pMe,
- void *pMem,
+ const void *pMem,
size_t uSize)
{
- return (pMe->pfAllocator)(pMe->pAllocateCxt, pMem, uSize);
+ /* See comment in StringAllocator_Free() */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wcast-qual"
+ return (pMe->pfAllocator)(pMe->pAllocateCxt, (void *)pMem, uSize);
+#pragma GCC diagnostic pop
}
static inline UsefulBuf
@@ -528,9 +533,13 @@
static inline void
StringAllocator_Destruct(const QCBORInternalAllocator *pMe)
{
+ /* See comment in StringAllocator_Free() */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wcast-qual"
if(pMe->pfAllocator) {
(pMe->pfAllocator)(pMe->pAllocateCxt, NULL, 0);
}
+#pragma GCC diagnostic pop
}
#endif /* QCBOR_DISABLE_INDEFINITE_LENGTH_STRINGS */
@@ -1290,7 +1299,7 @@
* not NULL and a reallocation happens.
*/
UsefulBuf NewMem = StringAllocator_Reallocate(pAllocator,
- UNCONST_POINTER(FullString.ptr),
+ FullString.ptr,
FullString.len + StringChunkItem.val.string.len);
if(UsefulBuf_IsNULL(NewMem)) {
@@ -1304,7 +1313,7 @@
if(uReturn != QCBOR_SUCCESS && !UsefulBuf_IsNULLC(FullString)) {
/* Getting the item failed, clean up the allocated memory */
- StringAllocator_Free(pAllocator, UNCONST_POINTER(FullString.ptr));
+ StringAllocator_Free(pAllocator, FullString.ptr);
}
#else /* QCBOR_DISABLE_INDEFINITE_LENGTH_STRINGS */
uReturn = QCBOR_ERR_INDEF_LEN_STRINGS_DISABLED;
@@ -1459,7 +1468,7 @@
memmove(&auItemsTags[1], auItemsTags, sizeof(auItemsTags) - sizeof(auItemsTags[0]));
/* Map the tag */
- uint16_t uMappedTagNumer;
+ uint16_t uMappedTagNumer = 0;
uReturn = MapTagNumber(pMe, pDecodedItem->val.uTagV, &uMappedTagNumer);
/* Continue even on error so as to consume all tags wrapping
* this data item so decoding can go on. If MapTagNumber()
diff --git a/test/UsefulBuf_Tests.c b/test/UsefulBuf_Tests.c
index 880be02..264fbca 100644
--- a/test/UsefulBuf_Tests.c
+++ b/test/UsefulBuf_Tests.c
@@ -41,7 +41,7 @@
There is nothing adversarial in this test
*/
-const char * UOBTest_NonAdversarial()
+const char * UOBTest_NonAdversarial(void)
{
const char *szReturn = NULL;
@@ -160,7 +160,7 @@
*/
-const char *UOBTest_BoundaryConditionsTest()
+const char *UOBTest_BoundaryConditionsTest(void)
{
UsefulBuf_MAKE_STACK_UB(outbuf,2);
@@ -248,7 +248,7 @@
// Test function to get size and magic number check
-const char *TestBasicSanity()
+const char *TestBasicSanity(void)
{
UsefulBuf_MAKE_STACK_UB(outbuf,10);
@@ -293,7 +293,7 @@
-const char *UBMacroConversionsTest()
+const char *UBMacroConversionsTest(void)
{
char *szFoo = "foo";
@@ -310,16 +310,17 @@
if(Boo.len != 3 || strncmp(Boo.ptr, "Boo", 3))
return "UsefulBuf_FROM_BYTE_ARRAY_LITERAL failed";
- UsefulBuf B = (UsefulBuf){(void *)Too.ptr, Too.len};
+ char *String = "string"; // Intentionally not const
+ UsefulBuf B = (UsefulBuf){(void *)String, strlen(String)};
UsefulBufC BC = UsefulBuf_Const(B);
- if(BC.len != Too.len || BC.ptr != Too.ptr)
+ if(BC.len != strlen(String) || BC.ptr != String)
return "UsefulBufConst failed";
return NULL;
}
-const char *UBUtilTests()
+const char *UBUtilTests(void)
{
UsefulBuf UB = NULLUsefulBuf;
@@ -628,7 +629,7 @@
}
-const char * UIBTest_IntegerFormat()
+const char * UIBTest_IntegerFormat(void)
{
UsefulOutBuf_MakeOnStack(UOB, 100);
@@ -736,7 +737,7 @@
}
-const char *UBUTest_CopyUtil()
+const char *UBUTest_CopyUtil(void)
{
if(UsefulBufUtil_CopyFloatToUint32(65536.0F) != 0x47800000) {
return "CopyFloatToUint32 failed";
diff --git a/test/qcbor_decode_tests.c b/test/qcbor_decode_tests.c
index 567f654..689d275 100644
--- a/test/qcbor_decode_tests.c
+++ b/test/qcbor_decode_tests.c
@@ -5043,7 +5043,7 @@
/* Repeatedly enter and exit maps and arrays, go off the end of maps
and arrays and such. */
-static int32_t DecodeNestedIterate()
+static int32_t DecodeNestedIterate(void)
{
QCBORDecodeContext DCtx;
int32_t nReturn;
diff --git a/test/qcbor_encode_tests.c b/test/qcbor_encode_tests.c
index f9d8507..c3e7315 100644
--- a/test/qcbor_encode_tests.c
+++ b/test/qcbor_encode_tests.c
@@ -116,10 +116,10 @@
struct UBCompareDiagnostic *pDiag) {
size_t i;
for(i = 0; i < Actual.len; i++) {
- if(((uint8_t *)Actual.ptr)[i] != ((uint8_t *)Expected.ptr)[i]) {
+ if(((const uint8_t *)Actual.ptr)[i] != ((const uint8_t *)Expected.ptr)[i]) {
if(pDiag) {
- pDiag->uActual = ((uint8_t *)Actual.ptr)[i];
- pDiag->uExpected = ((uint8_t *)Expected.ptr)[i];
+ pDiag->uActual = ((const uint8_t *)Actual.ptr)[i];
+ pDiag->uExpected = ((const uint8_t *)Expected.ptr)[i];
pDiag->uOffset = i;
}
// Cast to int is OK as this is only a diagnostic and the sizes