Add limits.h inclusion to ssl_tls.c and udp_proxy.c #1999
Approved.
Though a test for checking such cases is recommended
Let's hold this PR until we have a test case for a custom |
LGTM
I think this PR should be merged and not held back for the purpose of adding a test case of a custom |
@hanno-arm I agree that it is good practice to add headers when you need them, however, it will be good to have a way to test it, and this is why a custom config without a call to check_config may be in use |
@RonEld I disagree - I think |
I agree that |
Answer: only in one part:
I suggest moving this check to |
Added the test to |
@redtangent Thank you for adding the test!
I don't understand your point. This is what we want to check. If a file that will need
should not add a problem, IMHO. |
If |
But the check for
So, the need for |
Ahhh. I misunderstood - you're proposing to move the check to I don't think that's sufficient. Not all client applications will include In my view - better to keep the check in |
A quick grep for
So, I believe this file will be included at least once by any application. |
I think in practice, @RonEld, you're right, everything includes So, best, in my view, to not place the check there, but to keep it in Maybe we should move including I personally think that's a better fix. Let me know what you think. |
@hanno-arm / @RonEld - Can we bring this discussion to a conclusion? And accept as-is, or reject and do rework? |
Yes, I agree with you it may be a better solution. I think that in the long run, we should have one common header file, which within will include the |
check_config.h needs to be included directly after the configuration file, because some headers are naughty and adapt the defined configurations, which can cause check_config.h to break. (Specifically bignum.h sets the configured platform to MBEDTLS_HAVE_INT32/64 if it hasn't been defined). That arguably is a bug, although it's the existing behaviour of the library, so we respect it and move check_config.h to where it wants to be.
Signed-off-by: Simon Butcher <simon.butcher@arm.com>
c01507e to 89b1a9e
This PR is now passing all CI except for Mbed OS. Mbed OS is failing because the absence of To avoid this PR becoming yet again quickly outdated and requiring another rebase, my recommendation would be to review and merge without waiting for that PR to be merged - if possible. Otherwise this PR is now ready for review again. |
@dgreen-arm / @hanno-arm - Would you be kind enough to review this old PR and its sister backports, as your names are already on them? If you do - I promise a review in return, for the PR of your choice, as big or as small as you want. |
Looks good to me. Mbed OS failures will be addressed by the other PR, so that shouldn't block this.
@@ -50,6 +50,7 @@ | |||
#include "mbedtls/platform_util.h" | |||
#include "mbedtls/version.h" | |||
|
|||
#include <limits.h> |
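Review bot: the limits.h include added at the end of this include block, after mbedtls/version.h, does not say which limit macro this file depends on, so nothing flags the include as stale if that use later moves to another file. Suggest a short trailing comment naming the macro(s) used here, and placing the standard header together with the file's other standard-library includes if it has any.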
ssl_tls.c no longer uses anything from limits.h: now only ssl_msg.h does. This is not a blocker: including a standard header which doesn't get used is harmless.
However, 4 other files need limits.h on this branch: bignum.c, ctr_drbg.c, psa_crypto.c and x509_crt.c. I checked and development doesn't need any other as of today. Please add those, otherwise it defeats the purpose of the PR. And please re-check test suites and sample programs.
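A text-level version of the check described in the review comment above (finding C sources that use a limits.h macro without including the header themselves), as an added example that is not part of this PR or of Mbed TLS. The macro list is the standard C set; the file names and contents in SAMPLE are constructed.

```python
import re
import sys

# Macros defined by the standard C header <limits.h>.
LIMITS_MACROS = (
    "CHAR_BIT", "SCHAR_MIN", "SCHAR_MAX", "UCHAR_MAX", "CHAR_MIN", "CHAR_MAX",
    "MB_LEN_MAX", "SHRT_MIN", "SHRT_MAX", "USHRT_MAX", "INT_MIN", "INT_MAX",
    "UINT_MAX", "LONG_MIN", "LONG_MAX", "ULONG_MAX", "LLONG_MIN", "LLONG_MAX",
    "ULLONG_MAX",
)
MACRO_RE = re.compile(r"\b(" + "|".join(LIMITS_MACROS) + r")\b")
INCLUDE_RE = re.compile(r"^[ \t]*#[ \t]*include[ \t]*<limits\.h>", re.MULTILINE)
# Comments and string/character literals: a macro name or an #include that
# appears only inside one of these must not count.
STRIP_RE = re.compile(
    r"/\*.*?\*/|//[^\n]*|\"(?:\\.|[^\"\\\n])*\"|'(?:\\.|[^'\\\n])*'", re.DOTALL)


def missing_limits_include(src):
    """Return the <limits.h> macros src uses if it lacks a direct include, else []."""
    code = STRIP_RE.sub(" ", src)
    if INCLUDE_RE.search(code):
        return []
    return sorted(set(MACRO_RE.findall(code)))


def audit(files):
    """files maps name -> source text; returns {name: [macros]} for offenders only."""
    report = {}
    for name, src in files.items():
        used = missing_limits_include(src)
        if used:
            report[name] = used
    return report


# Constructed sample sources (not taken from Mbed TLS).
SAMPLE = {
    "relies_on_config.c": '#include "mbedtls/config.h"\n'
                          "int too_big(unsigned long n) { return n > INT_MAX; }\n",
    "direct.c": '#include "mbedtls/config.h"\n#include <limits.h>\n'
                "int too_big(unsigned long n) { return n > INT_MAX; }\n",
    "comment_only.c": "/* bounded by UINT_MAX, see caller */\nint f(void) { return 0; }\n",
    "commented_include.c": "// #include <limits.h>\n"
                           "unsigned bits(void) { return CHAR_BIT * sizeof(long); }\n",
}

if __name__ == "__main__":
    files = {p: open(p, encoding="utf-8", errors="replace").read() for p in sys.argv[1:]}
    for name, used in sorted(audit(files or SAMPLE).items()):
        print(f"{name}: uses {', '.join(used)} without including <limits.h>")
```

The scan works on text only: it does not evaluate `#if` branches or follow other headers, so it reports files that depend on a transitive include, which is the case this PR is about.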
* Add missing limits.h standard C library header to ssl_tls.c and udp_proxy.c | ||
which was only including it via check_config.h previously, which may not be | ||
included in custom configuration files. Fixes #1803 |
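Review bot: in this ChangeLog entry, "which was only including it" has two files as its antecedent and "which may not be included" then refers to check_config.h, so the sentence is hard to parse. Suggest splitting it: state that ssl_tls.c and udp_proxy.c previously got limits.h only through check_config.h, then that a custom configuration file may not include check_config.h.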
This changelog entry would get added to the section for the already-released version 2.22.0. We no longer merge changelog entries manually. Please create a file in ChangeLog.d instead. This doesn't require a rebase.
@@ -24,6 +24,7 @@ | |||
#else | |||
#include MBEDTLS_CONFIG_FILE | |||
#endif | |||
#include "mbedtls/check_config.h" |
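Review bot: the added include of mbedtls/check_config.h sits directly after the #endif that closes the configuration-file selection, but nothing in the hunk tells a later editor that it has to stay there, ahead of any other header. Suggest a one-line comment above it stating that the check must immediately follow the configuration include, so that reordering the include block does not silently move it.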
As I've stated before, I don't like this approach. Every library source file is changed to include something that doesn't really concern it.
Furthermore this is unrelated to the original objective of the pull request. It neither fixes the problem nor contributes to making the problem less likely to happen again.
I wouldn't have vetoed the PR on this basis, but since the PR needs rework anyway, please remove the inclusion of check_config.h everywhere.
To include check_config.h everywhere, on development, add it to library/common.h, which was added to development today (and we'll also need to include common.h everywhere, which isn't done yet).
Thanks for the review @gilles-peskine-arm. I guess you weren't aware, but the points you are making I was already aware of and are exactly why I told you the PR needed rework - and those changes have only arisen out of changes to Ideally if it had been possible to review this PR more quickly, then it would not have been affected by |
@sbutcher-arm Do you intend to rework this PR soon? I'm working on another change (moving stuff to the newly created |
@gilles-peskine-arm - After last week I talked to @danh-arm and passed all my open personal PRs including this one over to the core team. I am no longer doing any work on Mbed TLS in my free time and am pursuing my interests in crypto elsewhere. Any future PRs will be strictly business related. |
@@ -3688,6 +3688,4 @@ | |||
#include MBEDTLS_USER_CONFIG_FILE | |||
#endif | |||
|
|||
#include "mbedtls/check_config.h" |
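Review bot: with the mbedtls/check_config.h include dropped from the end of this file (the hunk goes from 6 lines to 4), the file now ends right after the MBEDTLS_USER_CONFIG_FILE include with no indication of where the combined configuration gets validated. Suggest leaving a comment at this spot pointing to where check_config.h is now included, so that users who copy this file as a template for a custom configuration know the check is no longer inherited from it.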
There's one place where check_config.h modifies the configuration.
#if defined(_WIN32)
#if !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_C is required on Windows"
#endif
/* Fix the config here. Not convenient to put an #ifdef _WIN32 in config.h as
* it would confuse config.py. */
#if !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && \
!defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define MBEDTLS_PLATFORM_SNPRINTF_ALT
#endif
#if !defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && \
!defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO)
#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
#endif
#endif /* _WIN32 */
If check_config.h is no longer included from config.h, and thus only included from library code and not from application code, this won't do. Application code and library code must have the same configuration.
The only code in the library that is functionally affected by MBEDTLS_PLATFORM_SNPRINTF_ALT or MBEDTLS_PLATFORM_VSNPRINTF_ALT is in platform.h and platform.c. Application code that is affected by these macros can be reasonably expected to include mbedtls/platform.h. Therefore I think this hack can be adapted to fit in platform.h instead.
Feature detection (version_features.c, query_config) would no longer report these alt symbols correctly. I think that an acceptable change would be to not set the symbols, but cause their effect in platform.h regardless.
Fortunately, it turns out that changing the configuration is not necessary: platform.h will do its thing (activate an snprintf wrapper) regardless. #3453
This issue is tracked in #1803 - closing this PR as probably this needs a different approach. |
Description
The standard C library header limits.h was only being included by check_config.h so was missing if users provided their own config.h that didn't include check_config.h. This fixes #1803.
Status
READY
Requires Backporting
Yes
Which branch?
[edited by mpg]
mbedtls-2.16 and mbedtls-2.7
[quoting redtangent] I've provided backports with PR #2445 and PR #2446 to mbedtls-2.16 and mbedtls-2.7.
.Todos