You /may/ want to add that #define CRYPTOPP_INSTALL_SIGTRAP_HANDLER (in the comment) only affects GCC / Unix. I'm not sure if everybody knows this is unix-only behavior.
I think you may missed one CRYPTOPP_ASSERT...
BR
JPM
Am 20.07.2015 um 18:06 schrieb Jeffrey Walton:
> Attached is the meat and potatoes of the proposed patch. It omits all
> the assert -> CRYPTOPP_ASSERT changes.
>
> It works great outside and under the debugger. The program does not
> crash with a SIGABRT at critical times during the debug cycle.
>
> On Wednesday, July 15, 2015 at 4:27:04 PM UTC-4, Jeffrey Walton wrote:
>
> I'm catching an assert when running with -DDEBUG (i.e., not -DNDEBUG):
>
> cryptest.exe: misc.h:703: T CryptoPP::rotlMod(T, unsigned int)
> [with T = unsigned int]: Assertion `y <= 255' failed.
>
> The assert is fine. I adore asserts, because they create "self
> debugging code". When the code tells me where the problem is, I
> don't have to spend time under a debugger. In code under my
> purview in real life, we make debug instrumentation a security
> gate because it so helpful. If code does not have the
> instrumentation, it cannot be checked in.
>
> The issue I have is Posix's default behavior of "lets crash the
> program while the developer is debugging it". Its completely
> useless behavior.
>
>
> diff --git a/config.h b/config.h
> index e359729..9c4fd9e 100644
> --- a/config.h
> +++ b/config.h
> @@ -53,6 +53,11 @@
> #define PREFER_BERKELEY_STYLE_SOCKETS
> // #define PREFER_WINDOWS_STYLE_SOCKETS
>
> +// Undefine this in Debug builds if you don't want a SIGTRAP handler
> installed.
> +// The cryptest program will install the handler for CRYPTOPP_ASSERT
> which
> +// raises SIGTRAP. Its does not affect Release builds when NDEBUG is
> defined.
> +#define CRYPTOPP_INSTALL_SIGTRAP_HANDLER
> +
> // set the name of Rijndael cipher, was "Rijndael" before version 5.3
> #define CRYPTOPP_RIJNDAEL_NAME "AES"
>
> diff --git a/test.cpp b/test.cpp
> index a3250a8..0dd5937 100644
> --- a/test.cpp
> +++ b/test.cpp
> @@ -56,6 +56,12 @@ USING_NAMESPACE(std)
>
> const int MAX_PHRASE_LENGTH=250;
>
> +#if defined(CRYPTOPP_INSTALL_SIGTRAP_HANDLER) && !defined(NDEBUG)
> +#if defined(CRYPTOPP_UNIX_AVAILABLE)
> +# include <signal.h> // SIGTRAP handler
> +#endif
> +#endif
> +
> void RegisterFactories();
>
> void GenerateRSAKey(unsigned int keyLength, const char *privFilename,
> const char *pubFilename, const char *seed);
> @@ -238,7 +244,7 @@ int CRYPTOPP_API main(int argc, char *argv[])
>
> // compute MAC
> member_ptr<MessageAuthenticationCode>
> pMac(NewIntegrityCheckingMAC());
> - assert(pMac->DigestSize() == sizeof(mac));
> + CRYPTOPP_ASSERT(pMac->DigestSize() == sizeof(mac));
> MeterFilter f(new HashFilter(*pMac, new ArraySink(mac,
> sizeof(mac))));
> f.AddRangeToSkip(0, checksumPos, 4);
> f.AddRangeToSkip(0, certificateTableDirectoryPos, 8);
> @@ -369,6 +375,55 @@ int CRYPTOPP_API main(int argc, char *argv[])
> }
> }
>
> +#if defined(CRYPTOPP_INSTALL_SIGTRAP_HANDLER) && !defined(NDEBUG)
> +#if defined(CRYPTOPP_UNIX_AVAILABLE)
> +// Add a SIGTRAP handler for *nix.
> +struct DebugTrapHandler
> +{
> + DebugTrapHandler()
> + {
> + //
> http://pubs.opengroup.org/onlinepubs/007908799/xsh/sigaction.html
> + struct sigaction old_handler, new_handler;
> + memset(&old_handler, 0x00, sizeof(old_handler));
> + memset(&new_handler, 0x00, sizeof(new_handler));
> +
> + do
> + {
> + int ret = 0;
> +
> + ret = sigaction (SIGTRAP, NULL, &old_handler);
> + if (ret != 0) break; // Failed
> +
> + // Don't step on another's handler
> + if (old_handler.sa_handler != NULL) break;
> +
> + // Set up the structure to specify the null action.
> + new_handler.sa_handler = &DebugTrapHandler::NullHandler;
> + new_handler.sa_flags = 0;
> +
> + ret = sigemptyset (&new_handler.sa_mask);
> + if (ret != 0) break; // Failed
> +
> + // Install it
> + ret = sigaction (SIGTRAP, &new_handler, NULL);
> + if (ret != 0) break; // Failed
> +
> + } while(0);
> + }
> +
> + static void NullHandler(int /*unused*/) { }
> +};
> +
> +#if __GNUC__
> +// Specify a relatively low priority to make sure we run before other
> CTORs
> +//
> http://gcc.gnu.org/onlinedocs/gcc/C_002b_002b-Attributes.html#C_002b_002b-Attributes
> +static const DebugTrapHandler g_dummyHandler __attribute__
> ((init_priority (110)));
> +#else
> +static const DebugTrapHandler g_dummyHandler;
> +#endif // __GNUC__
> +#endif // CRYPTOPP_UNIX_AVAILABLE
> +#endif // CRYPTOPP_INSTALL_SIGTRAP_HANDLER and not NDEBUG
> +
> void FIPS140_GenerateRandomFiles()
> {
> #ifdef OS_RNG_AVAILABLE
>
> ***** BEGIN cat of trap.h *****
>
> // trap.h - written and placed in public domain by Jeffrey Walton.
> // Copyright assigned to Crypto++ project
>
> #ifndef CRYPTOPP_TRAP_H
> #define CRYPTOPP_TRAP_H
>
> #ifndef NDEBUG
> #ifdef CRYPTOPP_UNIX_AVAILABLE
> # include <iostream>
> # include <sstream>
> # include <signal.h>
> #endif // CRYPTOPP_UNIX_AVAILABLE
> #endif // NDEBUG
>
> #include <cassert>
>
> // ************** run-time assertion ***************
>
> // Linux and Unix
> #if !defined(NDEBUG) && defined(CRYPTOPP_UNIX_AVAILABLE)
> # define CRYPTOPP_ASSERT(exp) { \
> if(!(exp)) { \
> std::ostringstream oss; \
> oss << "Assertion failed: " << (char*)(__FILE__) << "(" \
> << (int)(__LINE__) << "): " << (char*)(__func__) \
> << std::endl; \
> std::cerr << oss.str(); \
> raise(SIGTRAP); \
> } \
> }
> // Fallback to original behavior (including for NDEBUG)
> #else
> # define CRYPTOPP_ASSERT(exp) assert(exp)
> #endif // NDEBUG
>
> #endif // CRYPTOPP_TRAP_H
>
> ***** END cat of trap.h *****
>
> --
> --
> You received this message because you are subscribed to the "Crypto++
> Users" Google Group.
> To unsubscribe, send an email to
> [email protected].
> More information about Crypto++ and this group is available at
> http://www.cryptopp.com.
> ---
> You received this message because you are subscribed to the Google
> Groups "Crypto++ Users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected]
> <mailto:[email protected]>.
> For more options, visit https://groups.google.com/d/optout.
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature
