[openssl-users] Warnings Compiling openssl 1.0.2d

Matt Caswell matt at openssl.org
Tue Jul 21 20:06:32 UTC 2015

On 21/07/15 20:54, Jeffrey Walton wrote:
>>>                           ^
>>> d1_both.c: In function 'dtls1_retransmit_message':
>>> d1_both.c:1261:9: warning: 'save_write_sequence' may be used
>>> uninitialized in this function [-Wmaybe-uninitialized]
>>>          memcpy(s->s3->write_sequence, save_write_sequence,
>>>          ^
>> This one is entirely bogus. "save_write_sequence" is initialized on line
>> 1241. The compiler just isn't clever enough to figure that out.
> Right. But we need to learn to work with our tools :) The other option
> throws the baby out with the bath water by disabling warnings. Or, it
> leaves the problem in places so thousands or millions of folks have to
> look at the issue and clear it.

Agree to a point. I always config with --strict-warnings to add dev team
flags (as do the rest of the dev team). Amongst other things this adds
-Werror to treat all warnings as errors, so if a warning occurs then we
know about it and squash it. However that of course only catches
warnings for the particular platforms and compiler versions that the dev
team uses. There will always be warnings that we don't see that others
do. We could spend a huge amount of time tracking all of those down for
little benefit.


More information about the openssl-users mailing list