when compiling openssl-1.1.1s with the following workflow: $ wget https://www.openssl.org/source/openssl-1.1.1s.tar.gz $ tar xf openssl-1.1.1s.tar.gz $ cd openssl-1.1.1s $ ./config --strict-warnings enable-asan $ make I get this unexpected warning (error) gcc -I. -Iinclude -fPIC -pthread -m64 -fsanitize=address -fno-omit-frame-pointer -g -Wa,--noexecstack -Wall -O3 -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -DNDEBUG -MMD -MF ssl/s3_enc.d.tmp -MT ssl/s3_enc.o -c -o ssl/s3_enc.o ssl/s3_enc.c In function 'ssl3_generate_key_block', inlined from 'ssl3_setup_key_block' at ssl/s3_enc.c:290:11: ssl/s3_enc.c:48:20: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=] 48 | buf[j] = c; | ~~~~~~~^~~ ssl/s3_enc.c: In function 'ssl3_setup_key_block': ssl/s3_enc.c:21:19: note: at offset 16 into destination object 'buf' of size 16 21 | unsigned char buf[16], smd[SHA_DIGEST_LENGTH]; | ^~~ cc1: all warnings being treated as errors this happens with: gcc version 12.2.1 20221130 (GCC) gcc version 11.3.1 20221205 (GCC) gcc version 10.4.1 20221205 (GCC) but did not happen with: gcc version 9.5.0 (GCC) nor does it happen with: gcc version 13.0.0 20221130 (experimental) (GCC) It is pretty annoying because this happens in CI builds once we change from ubuntu-20.04 (gcc9) to ubuntu-22.04 (gcc11)
Fixed on master since r13-1268-g8c99e307b20c502e, note that sanitizers tens to increase false-positives of warnings: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html ``` Note that sanitizers tend to increase the rate of false positive warnings, most notably those around -Wmaybe-uninitialized. We recommend against combining -Werror and [the use of] sanitizers. ```
Thanks, I see a very similar warning with m68k-linux-gnu-gcc but without sanitizer: crypto/modes/cfb128.c: In function 'CRYPTO_cfb128_encrypt': crypto/modes/cfb128.c:117:33: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=] 117 | ivec[n] = c; | ~~~~~~~~^~~ crypto/modes/cfb128.c:27:42: note: at offset 16 into destination object 'ivec' of size [0, 16] 27 | unsigned char ivec[16], int *num, | ~~~~~~~~~~~~~~^~~~~~~~ cc1: all warnings being treated as errors