diff --git a/.circleci/config.yml b/.circleci/config.yml index 9fd1c82..69811f4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -62,7 +62,7 @@ jobs: - run: &apt_install apt-get update && DEBIAN_FRONTEND=noninteractive - apt-get install -y --no-install-recommends + apt-get install -y ca-certificates clang cmake @@ -141,9 +141,7 @@ jobs: - run: *apt_install - run: apt-get install -y --no-install-recommends - ca-certificates - python3-pip + cpplint - checkout - run: git submodule update --init --recursive - - run: pip install cpplint - run: other/analysis/run-cpplint diff --git a/.github/scripts/cmake-android b/.github/scripts/cmake-android index d15f555..95ec660 100755 --- a/.github/scripts/cmake-android +++ b/.github/scripts/cmake-android @@ -10,7 +10,7 @@ ABI=${1:-"armeabi-v7a"} case $ABI in armeabi-v7a) TARGET=armv7a-linux-androideabi - NDK_API=19 + NDK_API=21 ;; arm64-v8a) TARGET=aarch64-linux-android @@ -18,7 +18,7 @@ case $ABI in ;; x86) TARGET=i686-linux-android - NDK_API=19 + NDK_API=21 ;; x86_64) TARGET=x86_64-linux-android diff --git a/.github/scripts/flags-clang.sh b/.github/scripts/flags-clang.sh index f5ae253..d0a7729 100644 --- a/.github/scripts/flags-clang.sh +++ b/.github/scripts/flags-clang.sh @@ -39,12 +39,17 @@ add_flag -Wno-reserved-id-macro # TODO(iphydf): Clean these up. They are likely not bugs, but still # potential issues and probably confusing. add_flag -Wno-sign-compare +# We don't want to have default cases, we want to explicitly define all cases +add_flag -Wno-switch-default # __attribute__((nonnull)) causes this warning on defensive null checks. add_flag -Wno-tautological-pointer-compare # Our use of mutexes results in a false positive, see 1bbe446. add_flag -Wno-thread-safety-analysis # File transfer code has this. add_flag -Wno-type-limits +# Generates false positives in toxcore similar to +# https://github.com/llvm/llvm-project/issues/64646 +add_flag -Wno-unsafe-buffer-usage # Callbacks often don't use all their parameters. add_flag -Wno-unused-parameter # cimple does this better diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7988ea2..46aa57f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -96,7 +96,7 @@ jobs: with: submodules: recursive - name: Export GitHub Actions cache environment variables - uses: actions/github-script@v6 + uses: actions/github-script@v7 with: script: | core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); diff --git a/other/analysis/run-clang b/other/analysis/run-clang index f5ec50f..a8c85a9 100755 --- a/other/analysis/run-clang +++ b/other/analysis/run-clang @@ -28,8 +28,10 @@ run() { -Wno-old-style-cast \ -Wno-padded \ -Wno-sign-compare \ + -Wno-switch-default \ -Wno-tautological-pointer-compare \ -Wno-unreachable-code-return \ + -Wno-unsafe-buffer-usage \ -Wno-unused-parameter \ -Wno-used-but-marked-unused \ -Wno-source-uses-openmp diff --git a/other/bootstrap_daemon/src/config.c b/other/bootstrap_daemon/src/config.c index 891912d..05e4735 100644 --- a/other/bootstrap_daemon/src/config.c +++ b/other/bootstrap_daemon/src/config.c @@ -200,6 +200,8 @@ bool get_general_config(const char *cfg_file_path, char **pid_file_path, char ** *keys_file_path = (char *)malloc(keys_file_path_len); if (*keys_file_path == nullptr) { log_write(LOG_LEVEL_ERROR, "Allocation failure.\n"); + free(*pid_file_path); + *pid_file_path = nullptr; return false; } memcpy(*keys_file_path, tmp_keys_file, keys_file_path_len); diff --git a/other/docker/compcert/compcert.Dockerfile b/other/docker/compcert/compcert.Dockerfile index 567ea78..90f16ed 100644 --- a/other/docker/compcert/compcert.Dockerfile +++ b/other/docker/compcert/compcert.Dockerfile @@ -13,7 +13,7 @@ COPY --from=sources /src/ /work/ SHELL ["/bin/bash", "-o", "pipefail", "-c"] -RUN git clone --depth=1 https://github.com/jedisct1/libsodium /work/libsodium +RUN git clone --depth=1 --branch=stable https://github.com/jedisct1/libsodium /work/libsodium COPY other/docker/compcert/Makefile /work/ RUN make "-j$(nproc)" RUN ./send_message_test | grep 'tox clients connected' diff --git a/other/docker/windows/get_packages.sh b/other/docker/windows/get_packages.sh index efd81e6..54fc155 100755 --- a/other/docker/windows/get_packages.sh +++ b/other/docker/windows/get_packages.sh @@ -52,7 +52,7 @@ if [ "$SUPPORT_TEST" = "true" ]; then https://dl.winehq.org/wine-builds/debian/dists/bookworm/winehq-bookworm.sources . ./check_sha256.sh - check_sha256 "78b185fabdb323971d13bd329fefc8038e08559aa51c4996de18db0639a51df6" \ + check_sha256 "d965d646defe94b3dfba6d5b4406900ac6c81065428bf9d9303ad7a72ee8d1b8" \ "/etc/apt/keyrings/winehq-archive.key" check_sha256 "8dd8ef66c749d56e798646674c1c185a99b3ed6727ca0fbb5e493951e66c0f9e" \ "/etc/apt/sources.list.d/winehq-bookworm.sources" diff --git a/other/emscripten/Dockerfile b/other/emscripten/Dockerfile index 112b756..adfbdba 100644 --- a/other/emscripten/Dockerfile +++ b/other/emscripten/Dockerfile @@ -34,6 +34,7 @@ RUN . "/work/emsdk/emsdk_env.sh" \ && emconfigure ./configure --disable-shared \ --without-pthreads \ --disable-ssp --disable-asm --disable-pie \ + --host x86_64-linux-gnu \ && emmake make install -j8 # Build an unused libsodium binding first so emcc caches all the system diff --git a/toxav/rtp.c b/toxav/rtp.c index 8ad4ce6..49c91a0 100644 --- a/toxav/rtp.c +++ b/toxav/rtp.c @@ -805,7 +805,7 @@ int rtp_send_data(RTPSession *session, const uint8_t *data, uint32_t length, header.flags |= RTP_KEY_FRAME; } - const uint16_t rdata_size = length + RTP_HEADER_SIZE + 1; + const uint16_t rdata_size = min_u32(length + RTP_HEADER_SIZE + 1, MAX_CRYPTO_DATA_SIZE); VLA(uint8_t, rdata, rdata_size); memset(rdata, 0, rdata_size); rdata[0] = session->payload_type; // packet id == payload_type diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c index d20d740..d6dc24d 100644 --- a/toxcore/Messenger.c +++ b/toxcore/Messenger.c @@ -2468,14 +2468,12 @@ static void do_friends(Messenger *m, void *userdata) } } - if (m->friendlist[i].status == FRIEND_REQUESTED - || m->friendlist[i].status == FRIEND_CONFIRMED) { /* friend is not online. */ - if (m->friendlist[i].status == FRIEND_REQUESTED) { - /* If we didn't connect to friend after successfully sending him a friend request the request is deemed - * unsuccessful so we set the status back to FRIEND_ADDED and try again. - */ - check_friend_request_timed_out(m, i, temp_time, userdata); - } + if (m->friendlist[i].status == FRIEND_REQUESTED) { + /* If we didn't connect to friend after successfully sending him a friend + * request the request is deemed unsuccessful so we set the status back to + * FRIEND_ADDED and try again. + */ + check_friend_request_timed_out(m, i, temp_time, userdata); } if (m->friendlist[i].status == FRIEND_ONLINE) { /* friend is online. */ diff --git a/toxcore/bin_pack_test.cc b/toxcore/bin_pack_test.cc index 4bd8a25..08e37ba 100644 --- a/toxcore/bin_pack_test.cc +++ b/toxcore/bin_pack_test.cc @@ -32,7 +32,7 @@ TEST(BinPack, PackedUint64CanBeUnpacked) }, &orig, nullptr, buf.data(), buf.size())); - uint64_t unpacked; + uint64_t unpacked = 0; EXPECT_TRUE(bin_unpack_obj( [](void *obj, Bin_Unpack *bu) { return bin_unpack_u64_b(bu, static_cast(obj)); @@ -51,7 +51,7 @@ TEST(BinPack, MsgPackedUint8CanBeUnpackedAsUint32) }, &orig, nullptr, buf.data(), buf.size())); - uint32_t unpacked; + uint32_t unpacked = 0; EXPECT_TRUE(bin_unpack_obj( [](void *obj, Bin_Unpack *bu) { return bin_unpack_u32(bu, static_cast(obj)); }, &unpacked, buf.data(), buf.size())); @@ -68,7 +68,7 @@ TEST(BinPack, MsgPackedUint32CanBeUnpackedAsUint8IfSmallEnough) }, &orig, nullptr, buf.data(), buf.size())); - uint8_t unpacked; + uint8_t unpacked = 0; EXPECT_TRUE(bin_unpack_obj( [](void *obj, Bin_Unpack *bu) { return bin_unpack_u08(bu, static_cast(obj)); }, &unpacked, buf.data(), buf.size())); @@ -86,7 +86,7 @@ TEST(BinPack, LargeMsgPackedUint32CannotBeUnpackedAsUint8) }, &orig, nullptr, buf.data(), buf.size())); - uint8_t unpacked; + uint8_t unpacked = 0; EXPECT_FALSE(bin_unpack_obj( [](void *obj, Bin_Unpack *bu) { return bin_unpack_u08(bu, static_cast(obj)); }, &unpacked, buf.data(), buf.size()));