Page MenuHome GnuPG
Create Task
Maniphest T1741

comparison between signed and unsigned integer
Closed, WontfixPublic
Actions

Description

I recently added '-Wextra' to my compile flags and I get many of the following
warnings when compiling libgcrypt.

warning: comparison between signed and unsigned integer expressions [-Wsign-compare]

I have looked through them all and most of them are comparing a signed counter
with size_t or unsigned int, which should be benign. However, researching the
warning there are certain nasty bugs that appear if the signed int is ever
negative...

http://www.jwwalker.com/pages/safe-compare.html

https://www.securecoding.cert.org/confluence/display/cplusplus/INT02-CPP.+Understand+integer+conversion+rules

I'm willing to help change the counters to unsigned int, like they should be.
However, some of the changes required are harder for me to understand how to fix.

Details

Version
1.6.2

Event Timeline

metaschima set Version to 1.6.2.Oct 12 2014, 2:15 AM
metaschima added a project: libgcrypt.
metaschima added a subscriber: metaschima.
werner added a subscriber: werner.Oct 12 2014, 7:26 PM

We won't do that. The risk of introducing real bugs is much higher than
detecting possible bugs. You would need to analyze each warning en details. I
did this once but decided to remove the warning from the standard set of cc
options. If you want to dicusss this or post your resuls please do this on
gnupg-devel - this has a much higher chnace that more eyeballs are looking at it.

werner added a project: Won't Fix.Sep 7 2015, 6:29 PM
marcus closed this task as Wontfix.Jun 22 2017, 5:09 PM
marcus claimed this task.
marcus added a subscriber: marcus.

If we will ever do this, then only in conjunction with appropriate continuous integration tools that report on new warnings and progress. Closing here.