git.ipfire.org Git - thirdparty/strongswan.git/commit

author	Tobias Brunner <tobias@strongswan.org>
	Thu, 14 Sep 2017 13:31:00 +0000 (15:31 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 18 Sep 2017 10:07:26 +0000 (12:07 +0200)
commit	7cecc98e8ad11702e14e649eb62efa6125b8c31e
tree	6806ae4c0e33423ff2eb5b92f9eb5d78fe4c0d7b	tree \| snapshot
parent	46a62f01264add0518a6729ea0a30b1aa610491b	commit \| diff

settings: Fix possible undefined behavior with va_start() and bool

This fixes compilation with -Werror when using Clang 4.0 (but not 3.9)
and possibly prevents undefined behavior.

According to the C standard the following applies to the second
parameter of the va_start() macro (subclause 7.16.1.4, paragraph 4):

  The parameter parmN is the identifier of the rightmost parameter
  in the variable parameter list in the function definition (the
  one just before the ...). If the parameter parmN is declared with
  the register storage class, with a function or array type, or with
  a type that is not compatible with the type that results after
  application of the default argument promotions, the behavior is
  undefined.

Because bool is usually just 1 byte and therefore smaller than int (i.e.
the result of default argument promotion) its use as last argument before
... might result in undefined behavior.  This theoretically can also
apply to enums as a compiler may use a smaller base type than int.

Since Clang 3.9 (currently in use on Travis by default) a warning is
issued about this, however, that version did not yet compare the actual
size of the argument's type, causing warnings where they are not
warranted (basically for all cases where enum types are used for the
last argument).  This was apparently fixed with Clang 4.0, which only
warns about this use of bool with va_start(), which makes sense.

src/libstrongswan/settings/settings.c		diff \| blob \| blame \| history
src/libstrongswan/settings/settings.h		diff \| blob \| blame \| history