From 4f84cc7d67d3d7938ee416be1290578b6373aefe Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 May 2020 12:21:22 +0200 Subject: [PATCH 1/4] Check that all necessary headers are included in error.c Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 0c1f7e16e..3992f8444 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -48,12 +48,16 @@ close(FORMAT_FILE); $/ = $line_separator; my @files = <$include_dir/*.h>; +my @necessary_include_files; my @matches; foreach my $file (@files) { open(FILE, "$file"); my @grep_res = grep(/^\s*#define\s+MBEDTLS_ERR_\w+\s+\-0x[0-9A-Fa-f]+/, ); push(@matches, @grep_res); close FILE; + my $include_name = $file; + $include_name =~ s!.*/!!; + push @necessary_include_files, $include_name if @grep_res; } my $ll_old_define = ""; @@ -63,10 +67,10 @@ my $ll_code_check = ""; my $hl_code_check = ""; my $headers = ""; +my %included_headers; my %error_codes_seen; - foreach my $line (@matches) { next if ($line =~ /compat-1.2.h/); @@ -102,6 +106,8 @@ foreach my $line (@matches) # Fix faulty ones $include_name = "net_sockets" if ($module_name eq "NET"); + $included_headers{"${include_name}.h"} = $module_name; + my $found_ll = grep $_ eq $module_name, @low_level_modules; my $found_hl = grep $_ eq $module_name, @high_level_modules; if (!$found_ll && !$found_hl) @@ -205,3 +211,15 @@ $error_format =~ s/HIGH_LEVEL_CODE_CHECKS\n/$hl_code_check/g; open(ERROR_FILE, ">$error_file") or die "Opening destination file '$error_file': $!"; print ERROR_FILE $error_format; close(ERROR_FILE); + +my $errors = 0; +for my $include_name (@necessary_include_files) +{ + if (not $included_headers{$include_name}) + { + print STDERR "The header file \"$include_name\" defines error codes but has not been included!\n"; + ++$errors; + } +} + +exit !!$errors; From e913f911cd659cfb4a240dfd0186debd92c3d4e9 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 May 2020 12:23:11 +0200 Subject: [PATCH 2/4] Do include asn1.h in error.c When generate_errors.pl was first written, there was no asn1.h. But now there is one and it does not need any special treatment. Signed-off-by: Gilles Peskine --- scripts/generate_errors.pl | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl index 3992f8444..51e1d8501 100755 --- a/scripts/generate_errors.pl +++ b/scripts/generate_errors.pl @@ -101,7 +101,6 @@ foreach my $line (@matches) my $include_name = $module_name; $include_name =~ tr/A-Z/a-z/; - $include_name = "" if ($include_name eq "asn1"); # Fix faulty ones $include_name = "net_sockets" if ($module_name eq "NET"); From d2f0073c0956f76c573107399ecedcd5d49f1709 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 May 2020 12:23:55 +0200 Subject: [PATCH 3/4] Re-generate error.c Signed-off-by: Gilles Peskine --- library/error.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/error.c b/library/error.c index c596f0bcc..04f425bb3 100644 --- a/library/error.c +++ b/library/error.c @@ -53,6 +53,10 @@ #include "mbedtls/aria.h" #endif +#if defined(MBEDTLS_ASN1_PARSE_C) +#include "mbedtls/asn1.h" +#endif + #if defined(MBEDTLS_BASE64_C) #include "mbedtls/base64.h" #endif From 2dfc9fe2933be62e7c372a7ebdda099b7fe9cbf2 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 25 May 2020 12:26:04 +0200 Subject: [PATCH 4/4] Fix #3328 Signed-off-by: Gilles Peskine --- ChangeLog.d/error-asn1.txt | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 ChangeLog.d/error-asn1.txt diff --git a/ChangeLog.d/error-asn1.txt b/ChangeLog.d/error-asn1.txt new file mode 100644 index 000000000..c165696fd --- /dev/null +++ b/ChangeLog.d/error-asn1.txt @@ -0,0 +1,2 @@ +Bugfix + * Include asn1.h in error.c. Fixes #3328 reported by David Hu.