chore: Run infer static analyser on circle ci builds.

Also running some other analysis that we used to have on Travis.
iphydf 2021-12-06 18:41:27 +00:00
parent af1848ed13
commit d930ecca4c
No known key found for this signature in database
GPG Key ID: 3855DBA2D74403C9
15 changed files with 142 additions and 86 deletions


@ -3,10 +3,14 @@ version: 2
workflows: workflows:
version: 2 version: 2
clang-sanitizers: program-analysis:
jobs: jobs:
# Dynamic analysis
- asan - asan
- tsan - tsan
# Static analysis
- static-analysis
- infer
jobs: jobs:
asan: asan:
@ -41,3 +45,47 @@ jobs:
- checkout - checkout
- run: *apt_install - run: *apt_install
- run: CC=clang .circleci/cmake-tsan - run: CC=clang .circleci/cmake-tsan
infer:
working_directory: ~/work
docker:
- image: toxchat/infer
steps:
- run:
apt-get update &&
DEBIAN_FRONTEND=noninteractive
apt-get install -y --no-install-recommends
git
libopus-dev
libsodium-dev
libvpx-dev
pkg-config
- checkout
- run: infer --no-progress-bar -- cc toxav/*.c toxcore/*.c $(pkg-config --cflags opus vpx)
static-analysis:
working_directory: ~/work
docker:
- image: ubuntu
steps:
- checkout
- run:
apt-get update &&
DEBIAN_FRONTEND=noninteractive
apt-get install -y --no-install-recommends
clang
cppcheck
g++
libconfig-dev
libopus-dev
libsodium-dev
libvpx-dev
llvm
- run: other/analysis/check_logger_levels
- run: other/analysis/run-check-recursion
- run: other/analysis/run-clang
- run: other/analysis/run-clang-analyze
- run: other/analysis/run-cppcheck
- run: other/analysis/run-gcc
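Review bot: The `infer` job's run step passes only `toxav/*.c toxcore/*.c`, so `toxencryptsave/*.c`, the password-based encryption code that the recursion check in this commit does include, is never analysed; unless that is deliberate, add it to the command. As far as I know infer exits 0 even when it reports issues unless `--fail-on-issue` is given, so the job would stay green on findings, which matters because this commit also adds `ci/circleci: infer` to the branch check list. A combined form would be `- run: infer --no-progress-bar --fail-on-issue -- cc toxav/*.c toxcore/*.c toxencryptsave/*.c $(pkg-config --cflags opus vpx)`. Both new jobs also pull `toxchat/infer` and `ubuntu` without a tag or digest, so the analysis toolchain can change underneath the pipeline; pinning the images would keep results reproducible.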


@ -15,8 +15,9 @@ branches:
- Codacy Static Code Analysis - Codacy Static Code Analysis
- CodeFactor - CodeFactor
- "ci/circleci: asan" - "ci/circleci: asan"
# TODO(iphydf): Find out why dht_test times out under tsan. - "ci/circleci: infer"
#- "ci/circleci: tsan" - "ci/circleci: static-analysis"
- "ci/circleci: tsan"
- cimple - cimple
- cirrus-ci - cirrus-ci
- code-review/reviewable - code-review/reviewable


@ -38,11 +38,7 @@ run_static_analysis() {
export CPPFLAGS="-isystem $CACHEDIR/include" export CPPFLAGS="-isystem $CACHEDIR/include"
export LDFLAGS="-L$CACHEDIR/lib" export LDFLAGS="-L$CACHEDIR/lib"
cat toxav/*.c toxcore/*.c toxencryptsave/*.c | other/analysis/run-check_recursion
clang "$(pkg-config --cflags libsodium opus vpx)" \
-Itoxav -Itoxcore -Itoxencryptsave -S -emit-llvm -xc - -o- |
opt -analyze -print-callgraph 2>&1 |
other/analysis/check_recursion
other/analysis/run-clang other/analysis/run-clang
other/analysis/run-clang-analyze other/analysis/run-clang-analyze
} }
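Review bot: The replacement line in run_static_analysis calls `other/analysis/run-check_recursion` (underscore), while the CircleCI `static-analysis` job in this commit runs `other/analysis/run-check-recursion` (hyphen). The new script's file name is not visible on this page, but only one spelling can match it, so one of the two callers would fail with a not-found error, or pass over the check unnoticed if the caller does not stop on errors. Use the same path in both places, for example `other/analysis/run-check-recursion` here. The function starts before the hunk.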


@ -42,20 +42,11 @@ callmain() {
: >amalgamation.cc : >amalgamation.cc
echo "#include <algorithm>" >>amalgamation.cc
echo "#include <cstdio>" >>amalgamation.cc
echo "#include <memory>" >>amalgamation.cc
echo "#include <random>" >>amalgamation.cc
put auto_tests/check_compat.h put auto_tests/check_compat.h
FIND_QUERY="find . '-(' -name '*.cc' -or -name '*.c' '-)'" FIND_QUERY="find . '-(' -name '*.c' '-)'"
FIND_QUERY="$FIND_QUERY -and -not -wholename './_build/*'" FIND_QUERY="$FIND_QUERY -and -not -wholename './_build/*'"
FIND_QUERY="$FIND_QUERY -and -not -wholename './super_donators/*'" FIND_QUERY="$FIND_QUERY -and -not -wholename './super_donators/*'"
FIND_QUERY="$FIND_QUERY -and -not -wholename './toxav/*.cc'"
FIND_QUERY="$FIND_QUERY -and -not -wholename './toxcore/*.cc'"
FIND_QUERY="$FIND_QUERY -and -not -wholename './toxencryptsave/*.cc'"
FIND_QUERY="$FIND_QUERY -and -not -name amalgamation.cc"
FIND_QUERY="$FIND_QUERY -and -not -name av_test.c" FIND_QUERY="$FIND_QUERY -and -not -name av_test.c"
FIND_QUERY="$FIND_QUERY -and -not -name dht_test.c" FIND_QUERY="$FIND_QUERY -and -not -name dht_test.c"
FIND_QUERY="$FIND_QUERY -and -not -name version_test.c" FIND_QUERY="$FIND_QUERY -and -not -name version_test.c"
@ -64,7 +55,7 @@ readarray -t FILES <<<"$(eval "$FIND_QUERY")"
(for i in "${FILES[@]}"; do (for i in "${FILES[@]}"; do
grep -o '#include <[^>]*>' "$i" | grep -o '#include <[^>]*>' "$i" |
grep -E -v '<win|<ws|<iphlp|<libc|<mach/|<crypto_|<randombytes|<u.h>|<sys/filio|<linux' grep -E -v '<win|<ws|<iphlp|<libc|<mach/|<crypto_|<randombytes|<u.h>|<sys/filio|<stropts.h>|<linux'
done) | sort -u >>amalgamation.cc done) | sort -u >>amalgamation.cc
echo 'namespace {' >>amalgamation.cc echo 'namespace {' >>amalgamation.cc


@ -0,0 +1,7 @@
#!/bin/sh
cat toxav/*.c toxcore/*.c toxencryptsave/*.c |
clang "$(pkg-config --cflags libsodium opus vpx)" \
-Itoxav -Itoxcore -Itoxencryptsave -S -emit-llvm -xc - -o- |
opt -analyze -print-callgraph 2>&1 |
other/analysis/check_recursion
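Review bot: The script's exit status is only that of `other/analysis/check_recursion`, the last pipeline stage: under `#!/bin/sh` with no `set -e` or pipefail, a clang or opt failure yields an empty or partial call graph and the check can still pass. Since this script now gates CI, make an upstream failure fatal, for example by switching the first line to `#!/bin/bash` and adding `set -eu -o pipefail` as the second. Separately, the quoted `"$(pkg-config --cflags libsodium opus vpx)"` hands all flags to clang as a single argument, which stops working as soon as pkg-config prints more than one flag; the CircleCI infer step in this commit leaves the same substitution unquoted.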


@ -9,6 +9,7 @@ clang++ -o /dev/null amalgamation.cc \
-std=c++11 \ -std=c++11 \
-Werror \ -Werror \
-Weverything \ -Weverything \
-Wno-alloca \
-Wno-c++98-compat-pedantic \ -Wno-c++98-compat-pedantic \
-Wno-c99-extensions \ -Wno-c99-extensions \
-Wno-cast-align \ -Wno-cast-align \


@ -5,4 +5,4 @@ SKIP_LINES=1
. other/analysis/gen-file.sh . other/analysis/gen-file.sh
infer -- clang++ -fsyntax-only amalgamation.cc "${CPPFLAGS[@]}" infer --no-progress-bar -- clang++ -fsyntax-only amalgamation.cc "${CPPFLAGS[@]}"


@ -33,7 +33,7 @@
#define PORT 33445 #define PORT 33445
static uint8_t zeroes_cid[CRYPTO_PUBLIC_KEY_SIZE]; static const uint8_t zeroes_cid[CRYPTO_PUBLIC_KEY_SIZE] = {0};
static void print_client_id(const uint8_t *public_key) static void print_client_id(const uint8_t *public_key)
{ {
@ -177,7 +177,8 @@ int main(int argc, char *argv[])
ip_init(&ip, ipv6enabled); ip_init(&ip, ipv6enabled);
Mono_Time *const mono_time = mono_time_new(); Mono_Time *const mono_time = mono_time_new();
DHT *dht = new_dht(nullptr, mono_time, new_networking(nullptr, ip, PORT), true); Logger *const logger = logger_new();
DHT *dht = new_dht(logger, mono_time, new_networking(logger, ip, PORT), true);
printf("OUR ID: "); printf("OUR ID: ");
for (uint32_t i = 0; i < 32; i++) { for (uint32_t i = 0; i < 32; i++) {
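Review bot: `logger_new()` is used without a NULL check: the new `Logger *const logger` goes straight into `new_networking(logger, ip, PORT)` and `new_dht(logger, ...)`, and the `new_networking` result is likewise passed on unchecked. Assuming these constructors return NULL on allocation failure, add a guard such as `if (logger == nullptr) { return 1; }` right after the allocation, and the same for the networking and DHT objects. `main` continues outside the hunk, so whether the logger is released on exit is not visible here; if it is not, it should be freed together with the other objects created in this block.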


@ -910,7 +910,7 @@ static void check_friend_tcp_udp(Messenger *m, int32_t friendnumber, void *userd
} }
} }
m->friendlist[friendnumber].last_connection_udp_tcp = ret; m->friendlist[friendnumber].last_connection_udp_tcp = (Connection_Status)ret;
} }
static void break_files(const Messenger *m, int32_t friendnumber); static void break_files(const Messenger *m, int32_t friendnumber);
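Review bot: The added `(Connection_Status)ret` cast silences the integer-to-enum conversion warning instead of removing its cause. `ret` is declared outside this hunk; if it only ever holds connection-status values, declaring it as `Connection_Status ret` would drop the cast and let the compiler keep checking assignments to it. If it can also hold other values (an error code, say), the cast stores an out-of-range enum value and that case should be handled before the assignment.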


@ -42,6 +42,9 @@
#if !defined(__cplusplus) || __cplusplus < 201103L #if !defined(__cplusplus) || __cplusplus < 201103L
#define nullptr NULL #define nullptr NULL
#ifndef static_assert
#define static_assert(cond, msg) extern int unused_for_static_assert
#endif
#endif #endif
#ifdef __GNUC__ #ifdef __GNUC__
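Review bot: The fallback `#define static_assert(cond, msg) extern int unused_for_static_assert` discards `cond`, so wherever it is active the assertion checks nothing. In C it is active whenever `<assert.h>` has not been included before this header, because C11 provides `static_assert` only as a macro from that header; whether the affected files include it first is not visible here. This commit replaces the `#error` size checks in the crypto core and toxencryptsave sources with `static_assert`, so a key-, nonce- or salt-size mismatch with libsodium could then compile silently. The fallback should still evaluate the condition: `_Static_assert` on C11 compilers and a negative-size array declaration otherwise, as below.

```c
#ifndef static_assert
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
#define static_assert _Static_assert
#else
// Array size is -1 when cond is false, which is a compile error.
#define static_assert(cond, msg) extern const char unused_for_static_assert[(cond) ? 1 : -1]
#endif
#endif
```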

View File

@ -33,41 +33,26 @@
#define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES) #define crypto_box_MACBYTES (crypto_box_ZEROBYTES - crypto_box_BOXZEROBYTES)
#endif #endif
#if CRYPTO_PUBLIC_KEY_SIZE != crypto_box_PUBLICKEYBYTES //!TOKSTYLE-
#error "CRYPTO_PUBLIC_KEY_SIZE should be equal to crypto_box_PUBLICKEYBYTES" static_assert(CRYPTO_PUBLIC_KEY_SIZE == crypto_box_PUBLICKEYBYTES,
#endif "CRYPTO_PUBLIC_KEY_SIZE should be equal to crypto_box_PUBLICKEYBYTES");
static_assert(CRYPTO_SECRET_KEY_SIZE == crypto_box_SECRETKEYBYTES,
#if CRYPTO_SECRET_KEY_SIZE != crypto_box_SECRETKEYBYTES "CRYPTO_SECRET_KEY_SIZE should be equal to crypto_box_SECRETKEYBYTES");
#error "CRYPTO_SECRET_KEY_SIZE should be equal to crypto_box_SECRETKEYBYTES" static_assert(CRYPTO_SHARED_KEY_SIZE == crypto_box_BEFORENMBYTES,
#endif "CRYPTO_SHARED_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES");
static_assert(CRYPTO_SYMMETRIC_KEY_SIZE == crypto_box_BEFORENMBYTES,
#if CRYPTO_SHARED_KEY_SIZE != crypto_box_BEFORENMBYTES "CRYPTO_SYMMETRIC_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES");
#error "CRYPTO_SHARED_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES" static_assert(CRYPTO_MAC_SIZE == crypto_box_MACBYTES,
#endif "CRYPTO_MAC_SIZE should be equal to crypto_box_MACBYTES");
static_assert(CRYPTO_NONCE_SIZE == crypto_box_NONCEBYTES,
#if CRYPTO_SYMMETRIC_KEY_SIZE != crypto_box_BEFORENMBYTES "CRYPTO_NONCE_SIZE should be equal to crypto_box_NONCEBYTES");
#error "CRYPTO_SYMMETRIC_KEY_SIZE should be equal to crypto_box_BEFORENMBYTES" static_assert(CRYPTO_SHA256_SIZE == crypto_hash_sha256_BYTES,
#endif "CRYPTO_SHA256_SIZE should be equal to crypto_hash_sha256_BYTES");
static_assert(CRYPTO_SHA512_SIZE == crypto_hash_sha512_BYTES,
#if CRYPTO_MAC_SIZE != crypto_box_MACBYTES "CRYPTO_SHA512_SIZE should be equal to crypto_hash_sha512_BYTES");
#error "CRYPTO_MAC_SIZE should be equal to crypto_box_MACBYTES" static_assert(CRYPTO_PUBLIC_KEY_SIZE == 32,
#endif "CRYPTO_PUBLIC_KEY_SIZE is required to be 32 bytes for public_key_cmp to work");
//!TOKSTYLE+
#if CRYPTO_NONCE_SIZE != crypto_box_NONCEBYTES
#error "CRYPTO_NONCE_SIZE should be equal to crypto_box_NONCEBYTES"
#endif
#if CRYPTO_SHA256_SIZE != crypto_hash_sha256_BYTES
#error "CRYPTO_SHA256_SIZE should be equal to crypto_hash_sha256_BYTES"
#endif
#if CRYPTO_SHA512_SIZE != crypto_hash_sha512_BYTES
#error "CRYPTO_SHA512_SIZE should be equal to crypto_hash_sha512_BYTES"
#endif
#if CRYPTO_PUBLIC_KEY_SIZE != 32
#error "CRYPTO_PUBLIC_KEY_SIZE is required to be 32 bytes for public_key_cmp to work,"
#endif
static uint8_t *crypto_malloc(size_t bytes) static uint8_t *crypto_malloc(size_t bytes)
{ {

View File

@ -33,3 +33,20 @@ cc_library(
visibility = ["//c-toxcore/other:__pkg__"], visibility = ["//c-toxcore/other:__pkg__"],
deps = ["//c-toxcore/toxcore:crypto_core"], deps = ["//c-toxcore/toxcore:crypto_core"],
) )
CIMPLE_SRCS = glob(
[
"*.c",
"*.h",
],
exclude = ["*.api.h"],
)
sh_test(
name = "cimple_test",
size = "small",
srcs = ["//hs-tokstyle/tools:check-cimple"],
args = ["$(location %s)" % f for f in CIMPLE_SRCS],
data = CIMPLE_SRCS,
tags = ["haskell"],
)

View File

@ -10,6 +10,8 @@
#ifndef C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H #ifndef C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H
#define C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H #define C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H
//!TOKSTYLE-
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
@ -303,5 +305,7 @@ typedef TOX_ERR_ENCRYPTION Tox_Err_Encryption;
typedef TOX_ERR_DECRYPTION Tox_Err_Decryption; typedef TOX_ERR_DECRYPTION Tox_Err_Decryption;
typedef TOX_ERR_GET_SALT Tox_Err_Get_Salt; typedef TOX_ERR_GET_SALT Tox_Err_Get_Salt;
//!TOKSTYLE+
#endif // C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H #endif // C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H
%} %}


@ -28,17 +28,15 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#if TOX_PASS_SALT_LENGTH != crypto_pwhash_scryptsalsa208sha256_SALTBYTES //!TOKSTYLE-
#error TOX_PASS_SALT_LENGTH is assumed to be equal to crypto_pwhash_scryptsalsa208sha256_SALTBYTES static_assert(TOX_PASS_SALT_LENGTH == crypto_pwhash_scryptsalsa208sha256_SALTBYTES,
#endif "TOX_PASS_SALT_LENGTH is assumed to be equal to crypto_pwhash_scryptsalsa208sha256_SALTBYTES");
static_assert(TOX_PASS_KEY_LENGTH == CRYPTO_SHARED_KEY_SIZE,
#if TOX_PASS_KEY_LENGTH != CRYPTO_SHARED_KEY_SIZE "TOX_PASS_KEY_LENGTH is assumed to be equal to CRYPTO_SHARED_KEY_SIZE");
#error TOX_PASS_KEY_LENGTH is assumed to be equal to CRYPTO_SHARED_KEY_SIZE static_assert(TOX_PASS_ENCRYPTION_EXTRA_LENGTH == (crypto_box_MACBYTES + crypto_box_NONCEBYTES +
#endif crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH),
"TOX_PASS_ENCRYPTION_EXTRA_LENGTH is assumed to be equal to (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH)");
#if TOX_PASS_ENCRYPTION_EXTRA_LENGTH != (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH) //!TOKSTYLE+
#error TOX_PASS_ENCRYPTION_EXTRA_LENGTH is assumed to be equal to (crypto_box_MACBYTES + crypto_box_NONCEBYTES + crypto_pwhash_scryptsalsa208sha256_SALTBYTES + TOX_ENC_SAVE_MAGIC_LENGTH)
#endif
uint32_t tox_pass_salt_length(void) uint32_t tox_pass_salt_length(void)
{ {
@ -109,7 +107,7 @@ Tox_Pass_Key *tox_pass_key_derive(const uint8_t *passphrase, size_t pplength,
Tox_Err_Key_Derivation *error) Tox_Err_Key_Derivation *error)
{ {
uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES]; uint8_t salt[crypto_pwhash_scryptsalsa208sha256_SALTBYTES];
random_bytes(salt, sizeof salt); random_bytes(salt, sizeof(salt));
return tox_pass_key_derive_with_salt(passphrase, pplength, salt, error); return tox_pass_key_derive_with_salt(passphrase, pplength, salt, error);
} }
@ -129,10 +127,10 @@ Tox_Pass_Key *tox_pass_key_derive_with_salt(const uint8_t *passphrase, size_t pp
uint8_t key[CRYPTO_SHARED_KEY_SIZE]; uint8_t key[CRYPTO_SHARED_KEY_SIZE];
/* Derive a key from the password */ // Derive a key from the password
/* http://doc.libsodium.org/key_derivation/README.html */ // http://doc.libsodium.org/key_derivation/README.html
/* note that, according to the documentation, a generic pwhash interface will be created // note that, according to the documentation, a generic pwhash interface will be created
* once the pwhash competition (https://password-hashing.net/) is over */ // once the pwhash competition (https://password-hashing.net/) is over */
if (crypto_pwhash_scryptsalsa208sha256( if (crypto_pwhash_scryptsalsa208sha256(
key, sizeof(key), (char *)passkey, sizeof(passkey), salt, key, sizeof(key), (char *)passkey, sizeof(passkey), salt,
crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */ crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_INTERACTIVE * 2, /* slightly stronger */
@ -157,7 +155,8 @@ Tox_Pass_Key *tox_pass_key_derive_with_salt(const uint8_t *passphrase, size_t pp
return out_key; return out_key;
} }
/* Encrypt arbitrary with a key produced by tox_derive_key_*. The output /**
* Encrypt arbitrary with a key produced by `tox_derive_key_*`. The output
* array must be at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long. * array must be at least data_len + TOX_PASS_ENCRYPTION_EXTRA_LENGTH bytes long.
* key must be TOX_PASS_KEY_LENGTH bytes. * key must be TOX_PASS_KEY_LENGTH bytes.
* If you already have a symmetric key from somewhere besides this module, simply * If you already have a symmetric key from somewhere besides this module, simply
@ -173,13 +172,12 @@ bool tox_pass_key_encrypt(const Tox_Pass_Key *key, const uint8_t *data, size_t d
return 0; return 0;
} }
/* the output data consists of, in order: // the output data consists of, in order:
* salt, nonce, mac, enc_data // salt, nonce, mac, enc_data
* where the mac is automatically prepended by the encrypt() // where the mac is automatically prepended by the encrypt()
* the salt+nonce is called the prefix // the salt+nonce is called the prefix
* I'm not sure what else I'm supposed to do with the salt and nonce, since we // I'm not sure what else I'm supposed to do with the salt and nonce, since we
* need them to decrypt the data // need them to decrypt the data
*/
/* first add the magic number */ /* first add the magic number */
memcpy(out, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH); memcpy(out, TOX_ENC_SAVE_MAGIC_NUMBER, TOX_ENC_SAVE_MAGIC_LENGTH);
@ -214,13 +212,13 @@ bool tox_pass_key_encrypt(const Tox_Pass_Key *key, const uint8_t *data, size_t d
bool tox_pass_encrypt(const uint8_t *data, size_t data_len, const uint8_t *passphrase, size_t pplength, uint8_t *out, bool tox_pass_encrypt(const uint8_t *data, size_t data_len, const uint8_t *passphrase, size_t pplength, uint8_t *out,
Tox_Err_Encryption *error) Tox_Err_Encryption *error)
{ {
Tox_Err_Key_Derivation _error; Tox_Err_Key_Derivation err;
Tox_Pass_Key *key = tox_pass_key_derive(passphrase, pplength, &_error); Tox_Pass_Key *key = tox_pass_key_derive(passphrase, pplength, &err);
if (!key) { if (!key) {
if (_error == TOX_ERR_KEY_DERIVATION_NULL) { if (err == TOX_ERR_KEY_DERIVATION_NULL) {
SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_NULL); SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_NULL);
} else if (_error == TOX_ERR_KEY_DERIVATION_FAILED) { } else if (err == TOX_ERR_KEY_DERIVATION_FAILED) {
SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_KEY_DERIVATION_FAILED); SET_ERROR_PARAMETER(error, TOX_ERR_ENCRYPTION_KEY_DERIVATION_FAILED);
} }
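Review bot: The `/* */` to `//` conversion in tox_pass_key_derive_with_salt left a stray terminator: the last line of the key-derivation comment now reads `// once the pwhash competition (https://password-hashing.net/) is over */`. Drop the trailing `*/` so it becomes `// once the pwhash competition (https://password-hashing.net/) is over`. In the same section the new doc comment on tox_pass_key_encrypt still says "Encrypt arbitrary with a key", which seems to be missing the word "data". The functions touched here start or end outside their hunks.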


@ -9,6 +9,8 @@
#ifndef C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H #ifndef C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H
#define C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H #define C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H
//!TOKSTYLE-
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
@ -365,4 +367,6 @@ typedef TOX_ERR_ENCRYPTION Tox_Err_Encryption;
typedef TOX_ERR_DECRYPTION Tox_Err_Decryption; typedef TOX_ERR_DECRYPTION Tox_Err_Decryption;
typedef TOX_ERR_GET_SALT Tox_Err_Get_Salt; typedef TOX_ERR_GET_SALT Tox_Err_Get_Salt;
//!TOKSTYLE+
#endif // C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H #endif // C_TOXCORE_TOXENCRYPTSAVE_TOXENCRYPTSAVE_H