1.18.2: LTO exposes code issues

[kloczek]

libtool: link: gcc -shared  -fPIC -DPIC  src/ciphers/aes/.libs/aes.o src/ciphers/aes/.libs/aes_enc.o src/ciphers/.libs/anubis.o src/ciphers/.libs/blowfish.o src/ciphers/.libs/camellia.o src/ciphers/.libs/cast5.o src/ciphers/.libs/des.o src/ciphers/.libs/kasumi.o src/ciphers/.libs/khazad.o src/ciphers/.libs/kseed.o src/ciphers/.libs/multi2.o src/ciphers/.libs/noekeon.o src/ciphers/.libs/rc2.o src/ciphers/.libs/rc5.o src/ciphers/.libs/rc6.o src/ciphers/safer/.libs/safer.o src/ciphers/safer/.libs/saferp.o src/ciphers/.libs/skipjack.o src/ciphers/twofish/.libs/twofish.o src/ciphers/.libs/xtea.o src/encauth/ccm/.libs/ccm_add_aad.o src/encauth/ccm/.libs/ccm_add_nonce.o src/encauth/ccm/.libs/ccm_done.o src/encauth/ccm/.libs/ccm_init.o src/encauth/ccm/.libs/ccm_memory.o src/encauth/ccm/.libs/ccm_process.o src/encauth/ccm/.libs/ccm_reset.o src/encauth/ccm/.libs/ccm_test.o src/encauth/chachapoly/.libs/chacha20poly1305_add_aad.o src/encauth/chachapoly/.libs/chacha20poly1305_decrypt.o src/encauth/chachapoly/.libs/chacha20poly1305_done.o src/encauth/chachapoly/.libs/chacha20poly1305_encrypt.o src/encauth/chachapoly/.libs/chacha20poly1305_init.o src/encauth/chachapoly/.libs/chacha20poly1305_memory.o src/encauth/chachapoly/.libs/chacha20poly1305_setiv.o src/encauth/chachapoly/.libs/chacha20poly1305_setiv_rfc7905.o src/encauth/chachapoly/.libs/chacha20poly1305_test.o src/encauth/eax/.libs/eax_addheader.o src/encauth/eax/.libs/eax_decrypt.o src/encauth/eax/.libs/eax_decrypt_verify_memory.o src/encauth/eax/.libs/eax_done.o src/encauth/eax/.libs/eax_encrypt.o src/encauth/eax/.libs/eax_encrypt_authenticate_memory.o src/encauth/eax/.libs/eax_init.o src/encauth/eax/.libs/eax_test.o src/encauth/gcm/.libs/gcm_add_aad.o src/encauth/gcm/.libs/gcm_add_iv.o src/encauth/gcm/.libs/gcm_done.o src/encauth/gcm/.libs/gcm_gf_mult.o src/encauth/gcm/.libs/gcm_init.o src/encauth/gcm/.libs/gcm_memory.o src/encauth/gcm/.libs/gcm_mult_h.o src/encauth/gcm/.libs/gcm_process.o src/encauth/gcm/.libs/gcm_reset.o src/encauth/gcm/.libs/gcm_test.o src/encauth/ocb/.libs/ocb_decrypt.o src/encauth/ocb/.libs/ocb_decrypt_verify_memory.o src/encauth/ocb/.libs/ocb_done_decrypt.o src/encauth/ocb/.libs/ocb_done_encrypt.o src/encauth/ocb/.libs/ocb_encrypt.o src/encauth/ocb/.libs/ocb_encrypt_authenticate_memory.o src/encauth/ocb/.libs/ocb_init.o src/encauth/ocb/.libs/ocb_ntz.o src/encauth/ocb/.libs/ocb_shift_xor.o src/encauth/ocb/.libs/ocb_test.o src/encauth/ocb/.libs/s_ocb_done.o src/encauth/ocb3/.libs/ocb3_add_aad.o src/encauth/ocb3/.libs/ocb3_decrypt.o src/encauth/ocb3/.libs/ocb3_decrypt_last.o src/encauth/ocb3/.libs/ocb3_decrypt_verify_memory.o src/encauth/ocb3/.libs/ocb3_done.o src/encauth/ocb3/.libs/ocb3_encrypt.o src/encauth/ocb3/.libs/ocb3_encrypt_authenticate_memory.o src/encauth/ocb3/.libs/ocb3_encrypt_last.o src/encauth/ocb3/.libs/ocb3_init.o src/encauth/ocb3/.libs/ocb3_int_ntz.o src/encauth/ocb3/.libs/ocb3_int_xor_blocks.o src/encauth/ocb3/.libs/ocb3_test.o src/hashes/.libs/blake2b.o src/hashes/.libs/blake2s.o src/hashes/chc/.libs/chc.o src/hashes/helper/.libs/hash_file.o src/hashes/helper/.libs/hash_filehandle.o src/hashes/helper/.libs/hash_memory.o src/hashes/helper/.libs/hash_memory_multi.o src/hashes/.libs/md2.o src/hashes/.libs/md4.o src/hashes/.libs/md5.o src/hashes/.libs/rmd128.o src/hashes/.libs/rmd160.o src/hashes/.libs/rmd256.o src/hashes/.libs/rmd320.o src/hashes/.libs/sha1.o src/hashes/sha2/.libs/sha224.o src/hashes/sha2/.libs/sha256.o src/hashes/sha2/.libs/sha384.o src/hashes/sha2/.libs/sha512.o src/hashes/sha2/.libs/sha512_224.o src/hashes/sha2/.libs/sha512_256.o src/hashes/.libs/sha3.o src/hashes/.libs/sha3_test.o src/hashes/.libs/tiger.o src/hashes/whirl/.libs/whirl.o src/mac/blake2/.libs/blake2bmac.o src/mac/blake2/.libs/blake2bmac_file.o src/mac/blake2/.libs/blake2bmac_memory.o src/mac/blake2/.libs/blake2bmac_memory_multi.o src/mac/blake2/.libs/blake2bmac_test.o src/mac/blake2/.libs/blake2smac.o src/mac/blake2/.libs/blake2smac_file.o src/mac/blake2/.libs/blake2smac_memory.o src/mac/blake2/.libs/blake2smac_memory_multi.o src/mac/blake2/.libs/blake2smac_test.o src/mac/f9/.libs/f9_done.o src/mac/f9/.libs/f9_file.o src/mac/f9/.libs/f9_init.o src/mac/f9/.libs/f9_memory.o src/mac/f9/.libs/f9_memory_multi.o src/mac/f9/.libs/f9_process.o src/mac/f9/.libs/f9_test.o src/mac/hmac/.libs/hmac_done.o src/mac/hmac/.libs/hmac_file.o src/mac/hmac/.libs/hmac_init.o src/mac/hmac/.libs/hmac_memory.o src/mac/hmac/.libs/hmac_memory_multi.o src/mac/hmac/.libs/hmac_process.o src/mac/hmac/.libs/hmac_test.o src/mac/omac/.libs/omac_done.o src/mac/omac/.libs/omac_file.o src/mac/omac/.libs/omac_init.o src/mac/omac/.libs/omac_memory.o src/mac/omac/.libs/omac_memory_multi.o src/mac/omac/.libs/omac_process.o src/mac/omac/.libs/omac_test.o src/mac/pelican/.libs/pelican.o src/mac/pelican/.libs/pelican_memory.o src/mac/pelican/.libs/pelican_test.o src/mac/pmac/.libs/pmac_done.o src/mac/pmac/.libs/pmac_file.o src/mac/pmac/.libs/pmac_init.o src/mac/pmac/.libs/pmac_memory.o src/mac/pmac/.libs/pmac_memory_multi.o src/mac/pmac/.libs/pmac_ntz.o src/mac/pmac/.libs/pmac_process.o src/mac/pmac/.libs/pmac_shift_xor.o src/mac/pmac/.libs/pmac_test.o src/mac/poly1305/.libs/poly1305.o src/mac/poly1305/.libs/poly1305_file.o src/mac/poly1305/.libs/poly1305_memory.o src/mac/poly1305/.libs/poly1305_memory_multi.o src/mac/poly1305/.libs/poly1305_test.o src/mac/xcbc/.libs/xcbc_done.o src/mac/xcbc/.libs/xcbc_file.o src/mac/xcbc/.libs/xcbc_init.o src/mac/xcbc/.libs/xcbc_memory.o src/mac/xcbc/.libs/xcbc_memory_multi.o src/mac/xcbc/.libs/xcbc_process.o src/mac/xcbc/.libs/xcbc_test.o src/math/fp/.libs/ltc_ecc_fp_mulmod.o src/math/.libs/gmp_desc.o src/math/.libs/ltm_desc.o src/math/.libs/multi.o src/math/.libs/radix_to_bin.o src/math/.libs/rand_bn.o src/math/.libs/rand_prime.o src/math/.libs/tfm_desc.o src/misc/.libs/adler32.o src/misc/base64/.libs/base64_decode.o src/misc/base64/.libs/base64_encode.o src/misc/.libs/burn_stack.o src/misc/.libs/compare_testvector.o src/misc/.libs/crc32.o src/misc/crypt/.libs/crypt.o src/misc/crypt/.libs/crypt_argchk.o src/misc/crypt/.libs/crypt_cipher_descriptor.o src/misc/crypt/.libs/crypt_cipher_is_valid.o src/misc/crypt/.libs/crypt_constants.o src/misc/crypt/.libs/crypt_find_cipher.o src/misc/crypt/.libs/crypt_find_cipher_any.o src/misc/crypt/.libs/crypt_find_cipher_id.o src/misc/crypt/.libs/crypt_find_hash.o src/misc/crypt/.libs/crypt_find_hash_any.o src/misc/crypt/.libs/crypt_find_hash_id.o src/misc/crypt/.libs/crypt_find_hash_oid.o src/misc/crypt/.libs/crypt_find_prng.o src/misc/crypt/.libs/crypt_fsa.o src/misc/crypt/.libs/crypt_hash_descriptor.o src/misc/crypt/.libs/crypt_hash_is_valid.o src/misc/crypt/.libs/crypt_inits.o src/misc/crypt/.libs/crypt_ltc_mp_descriptor.o src/misc/crypt/.libs/crypt_prng_descriptor.o src/misc/crypt/.libs/crypt_prng_is_valid.o src/misc/crypt/.libs/crypt_prng_rng_descriptor.o src/misc/crypt/.libs/crypt_register_all_ciphers.o src/misc/crypt/.libs/crypt_register_all_hashes.o src/misc/crypt/.libs/crypt_register_all_prngs.o src/misc/crypt/.libs/crypt_register_cipher.o src/misc/crypt/.libs/crypt_register_hash.o src/misc/crypt/.libs/crypt_register_prng.o src/misc/crypt/.libs/crypt_sizes.o src/misc/crypt/.libs/crypt_unregister_cipher.o src/misc/crypt/.libs/crypt_unregister_hash.o src/misc/crypt/.libs/crypt_unregister_prng.o src/misc/.libs/error_to_string.o src/misc/hkdf/.libs/hkdf.o src/misc/hkdf/.libs/hkdf_test.o src/misc/.libs/mem_neq.o src/misc/.libs/pk_get_oid.o src/misc/pkcs5/.libs/pkcs_5_1.o src/misc/pkcs5/.libs/pkcs_5_2.o src/misc/pkcs5/.libs/pkcs_5_test.o src/misc/.libs/zeromem.o src/modes/cbc/.libs/cbc_decrypt.o src/modes/cbc/.libs/cbc_done.o src/modes/cbc/.libs/cbc_encrypt.o src/modes/cbc/.libs/cbc_getiv.o src/modes/cbc/.libs/cbc_setiv.o src/modes/cbc/.libs/cbc_start.o src/modes/cfb/.libs/cfb_decrypt.o src/modes/cfb/.libs/cfb_done.o src/modes/cfb/.libs/cfb_encrypt.o src/modes/cfb/.libs/cfb_getiv.o src/modes/cfb/.libs/cfb_setiv.o src/modes/cfb/.libs/cfb_start.o src/modes/ctr/.libs/ctr_decrypt.o src/modes/ctr/.libs/ctr_done.o src/modes/ctr/.libs/ctr_encrypt.o src/modes/ctr/.libs/ctr_getiv.o src/modes/ctr/.libs/ctr_setiv.o src/modes/ctr/.libs/ctr_start.o src/modes/ctr/.libs/ctr_test.o src/modes/ecb/.libs/ecb_decrypt.o src/modes/ecb/.libs/ecb_done.o src/modes/ecb/.libs/ecb_encrypt.o src/modes/ecb/.libs/ecb_start.o src/modes/f8/.libs/f8_decrypt.o src/modes/f8/.libs/f8_done.o src/modes/f8/.libs/f8_encrypt.o src/modes/f8/.libs/f8_getiv.o src/modes/f8/.libs/f8_setiv.o src/modes/f8/.libs/f8_start.o src/modes/f8/.libs/f8_test_mode.o src/modes/lrw/.libs/lrw_decrypt.o src/modes/lrw/.libs/lrw_done.o src/modes/lrw/.libs/lrw_encrypt.o src/modes/lrw/.libs/lrw_getiv.o src/modes/lrw/.libs/lrw_process.o src/modes/lrw/.libs/lrw_setiv.o src/modes/lrw/.libs/lrw_start.o src/modes/lrw/.libs/lrw_test.o src/modes/ofb/.libs/ofb_decrypt.o src/modes/ofb/.libs/ofb_done.o src/modes/ofb/.libs/ofb_encrypt.o src/modes/ofb/.libs/ofb_getiv.o src/modes/ofb/.libs/ofb_setiv.o src/modes/ofb/.libs/ofb_start.o src/modes/xts/.libs/xts_decrypt.o src/modes/xts/.libs/xts_done.o src/modes/xts/.libs/xts_encrypt.o src/modes/xts/.libs/xts_init.o src/modes/xts/.libs/xts_mult_x.o src/modes/xts/.libs/xts_test.o src/pk/asn1/der/bit/.libs/der_decode_bit_string.o src/pk/asn1/der/bit/.libs/der_decode_raw_bit_string.o src/pk/asn1/der/bit/.libs/der_encode_bit_string.o src/pk/asn1/der/bit/.libs/der_encode_raw_bit_string.o src/pk/asn1/der/bit/.libs/der_length_bit_string.o src/pk/asn1/der/boolean/.libs/der_decode_boolean.o src/pk/asn1/der/boolean/.libs/der_encode_boolean.o src/pk/asn1/der/boolean/.libs/der_length_boolean.o src/pk/asn1/der/choice/.libs/der_decode_choice.o src/pk/asn1/der/generalizedtime/.libs/der_decode_generalizedtime.o src/pk/asn1/der/generalizedtime/.libs/der_encode_generalizedtime.o src/pk/asn1/der/generalizedtime/.libs/der_length_generalizedtime.o src/pk/asn1/der/ia5/.libs/der_decode_ia5_string.o src/pk/asn1/der/ia5/.libs/der_encode_ia5_string.o src/pk/asn1/der/ia5/.libs/der_length_ia5_string.o src/pk/asn1/der/integer/.libs/der_decode_integer.o src/pk/asn1/der/integer/.libs/der_encode_integer.o src/pk/asn1/der/integer/.libs/der_length_integer.o src/pk/asn1/der/object_identifier/.libs/der_decode_object_identifier.o src/pk/asn1/der/object_identifier/.libs/der_encode_object_identifier.o src/pk/asn1/der/object_identifier/.libs/der_length_object_identifier.o src/pk/asn1/der/octet/.libs/der_decode_octet_string.o src/pk/asn1/der/octet/.libs/der_encode_octet_string.o src/pk/asn1/der/octet/.libs/der_length_octet_string.o src/pk/asn1/der/printable_string/.libs/der_decode_printable_string.o src/pk/asn1/der/printable_string/.libs/der_encode_printable_string.o src/pk/asn1/der/printable_string/.libs/der_length_printable_string.o src/pk/asn1/der/sequence/.libs/der_decode_sequence_ex.o src/pk/asn1/der/sequence/.libs/der_decode_sequence_flexi.o src/pk/asn1/der/sequence/.libs/der_decode_sequence_multi.o src/pk/asn1/der/sequence/.libs/der_decode_subject_public_key_info.o src/pk/asn1/der/sequence/.libs/der_encode_sequence_ex.o src/pk/asn1/der/sequence/.libs/der_encode_sequence_multi.o src/pk/asn1/der/sequence/.libs/der_encode_subject_public_key_info.o src/pk/asn1/der/sequence/.libs/der_length_sequence.o src/pk/asn1/der/sequence/.libs/der_sequence_free.o src/pk/asn1/der/sequence/.libs/der_sequence_shrink.o src/pk/asn1/der/set/.libs/der_encode_set.o src/pk/asn1/der/set/.libs/der_encode_setof.o src/pk/asn1/der/short_integer/.libs/der_decode_short_integer.o src/pk/asn1/der/short_integer/.libs/der_encode_short_integer.o src/pk/asn1/der/short_integer/.libs/der_length_short_integer.o src/pk/asn1/der/teletex_string/.libs/der_decode_teletex_string.o src/pk/asn1/der/teletex_string/.libs/der_length_teletex_string.o src/pk/asn1/der/utctime/.libs/der_decode_utctime.o src/pk/asn1/der/utctime/.libs/der_encode_utctime.o src/pk/asn1/der/utctime/.libs/der_length_utctime.o src/pk/asn1/der/utf8/.libs/der_decode_utf8_string.o src/pk/asn1/der/utf8/.libs/der_encode_utf8_string.o src/pk/asn1/der/utf8/.libs/der_length_utf8_string.o src/pk/dh/.libs/dh.o src/pk/dh/.libs/dh_check_pubkey.o src/pk/dh/.libs/dh_export.o src/pk/dh/.libs/dh_export_key.o src/pk/dh/.libs/dh_free.o src/pk/dh/.libs/dh_generate_key.o src/pk/dh/.libs/dh_import.o src/pk/dh/.libs/dh_set.o src/pk/dh/.libs/dh_set_pg_dhparam.o src/pk/dh/.libs/dh_shared_secret.o src/pk/dsa/.libs/dsa_decrypt_key.o src/pk/dsa/.libs/dsa_encrypt_key.o src/pk/dsa/.libs/dsa_export.o src/pk/dsa/.libs/dsa_free.o src/pk/dsa/.libs/dsa_generate_key.o src/pk/dsa/.libs/dsa_generate_pqg.o src/pk/dsa/.libs/dsa_import.o src/pk/dsa/.libs/dsa_make_key.o src/pk/dsa/.libs/dsa_set.o src/pk/dsa/.libs/dsa_set_pqg_dsaparam.o src/pk/dsa/.libs/dsa_shared_secret.o src/pk/dsa/.libs/dsa_sign_hash.o src/pk/dsa/.libs/dsa_verify_hash.o src/pk/dsa/.libs/dsa_verify_key.o src/pk/ecc/.libs/ecc.o src/pk/ecc/.libs/ecc_ansi_x963_export.o src/pk/ecc/.libs/ecc_ansi_x963_import.o src/pk/ecc/.libs/ecc_decrypt_key.o src/pk/ecc/.libs/ecc_encrypt_key.o src/pk/ecc/.libs/ecc_export.o src/pk/ecc/.libs/ecc_free.o src/pk/ecc/.libs/ecc_get_size.o src/pk/ecc/.libs/ecc_import.o src/pk/ecc/.libs/ecc_make_key.o src/pk/ecc/.libs/ecc_shared_secret.o src/pk/ecc/.libs/ecc_sign_hash.o src/pk/ecc/.libs/ecc_sizes.o src/pk/ecc/.libs/ecc_test.o src/pk/ecc/.libs/ecc_verify_hash.o src/pk/ecc/.libs/ltc_ecc_is_valid_idx.o src/pk/ecc/.libs/ltc_ecc_map.o src/pk/ecc/.libs/ltc_ecc_mul2add.o src/pk/ecc/.libs/ltc_ecc_mulmod.o src/pk/ecc/.libs/ltc_ecc_mulmod_timing.o src/pk/ecc/.libs/ltc_ecc_points.o src/pk/ecc/.libs/ltc_ecc_projective_add_point.o src/pk/ecc/.libs/ltc_ecc_projective_dbl_point.o src/pk/katja/.libs/katja_decrypt_key.o src/pk/katja/.libs/katja_encrypt_key.o src/pk/katja/.libs/katja_export.o src/pk/katja/.libs/katja_exptmod.o src/pk/katja/.libs/katja_free.o src/pk/katja/.libs/katja_import.o src/pk/katja/.libs/katja_make_key.o src/pk/pkcs1/.libs/pkcs_1_i2osp.o src/pk/pkcs1/.libs/pkcs_1_mgf1.o src/pk/pkcs1/.libs/pkcs_1_oaep_decode.o src/pk/pkcs1/.libs/pkcs_1_oaep_encode.o src/pk/pkcs1/.libs/pkcs_1_os2ip.o src/pk/pkcs1/.libs/pkcs_1_pss_decode.o src/pk/pkcs1/.libs/pkcs_1_pss_encode.o src/pk/pkcs1/.libs/pkcs_1_v1_5_decode.o src/pk/pkcs1/.libs/pkcs_1_v1_5_encode.o src/pk/rsa/.libs/rsa_decrypt_key.o src/pk/rsa/.libs/rsa_encrypt_key.o src/pk/rsa/.libs/rsa_export.o src/pk/rsa/.libs/rsa_exptmod.o src/pk/rsa/.libs/rsa_free.o src/pk/rsa/.libs/rsa_get_size.o src/pk/rsa/.libs/rsa_import.o src/pk/rsa/.libs/rsa_import_pkcs8.o src/pk/rsa/.libs/rsa_import_x509.o src/pk/rsa/.libs/rsa_make_key.o src/pk/rsa/.libs/rsa_set.o src/pk/rsa/.libs/rsa_sign_hash.o src/pk/rsa/.libs/rsa_sign_saltlen_get.o src/pk/rsa/.libs/rsa_verify_hash.o src/prngs/.libs/chacha20.o src/prngs/.libs/fortuna.o src/prngs/.libs/rc4.o src/prngs/.libs/rng_get_bytes.o src/prngs/.libs/rng_make_prng.o src/prngs/.libs/sober128.o src/prngs/.libs/sprng.o src/prngs/.libs/yarrow.o src/stream/chacha/.libs/chacha_crypt.o src/stream/chacha/.libs/chacha_done.o src/stream/chacha/.libs/chacha_ivctr32.o src/stream/chacha/.libs/chacha_ivctr64.o src/stream/chacha/.libs/chacha_keystream.o src/stream/chacha/.libs/chacha_setup.o src/stream/chacha/.libs/chacha_test.o src/stream/rc4/.libs/rc4_stream.o src/stream/rc4/.libs/rc4_test.o src/stream/sober128/.libs/sober128_stream.o src/stream/sober128/.libs/sober128_test.o   -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -flto=auto -flto-partition=none -fuse-linker-plugin    -Wl,-soname -Wl,libtomcrypt.so.1 -o .libs/libtomcrypt.so.1.0.1
src/encauth/ccm/ccm_add_nonce.c: In function 'ccm_add_nonce':
src/encauth/ccm/ccm_add_nonce.c:64:21: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
   64 |       ccm->PAD[x++] = (unsigned char)((len >> 24) & 255);
      |                     ^
./src/headers/tomcrypt_mac.h:327:24: note: at offset [16, 47] to object 'PAD' with size 16 declared here
  327 |    unsigned char       PAD[16],
      |                        ^
src/encauth/ccm/ccm_memory.c: In function 'ccm_memory':
src/encauth/ccm/ccm_memory.c:177:17: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
  177 |        PAD[x++] = (unsigned char)((len >> 24) & 255);
      |                 ^
src/encauth/ccm/ccm_memory.c:49:19: note: at offset [15, 46] to object 'PAD' with size 16 declared here
   49 |    unsigned char  PAD[16], ctr[16], CTRPAD[16], ptTag[16], b, *pt_real;
      |                   ^
src/encauth/ccm/ccm_memory.c:177:17: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
  177 |        PAD[x++] = (unsigned char)((len >> 24) & 255);
      |                 ^
src/encauth/ccm/ccm_memory.c:49:19: note: at offset [16, 47] to object 'PAD' with size 16 declared here
   49 |    unsigned char  PAD[16], ctr[16], CTRPAD[16], ptTag[16], b, *pt_real;
      |                   ^
libtool: link: (cd ".libs" && rm -f "libtomcrypt.so.1" && ln -s "libtomcrypt.so.1.0.1" "libtomcrypt.so.1")
libtool: link: (cd ".libs" && rm -f "libtomcrypt.so" && ln -s "libtomcrypt.so.1.0.1" "libtomcrypt.so")

BTW: would you accept PR with automake/autoconf and libtool based build framework (with use pkgconfig to detects libtommath)

[karel-m]

IMO adding automake/autoconf support is not likely. The main reason is AFAIK the maintenance cost.

There was a discussion 2 yeas ago #391 + even some code 34daa41 Basically nothing changed since then.

[kloczek]

I really have no idea about what kind of cobsts you are talking about.
When you hjave cinficure.ac and fee Makefile.am files all what you need to do is just "autoreconf -fiv; ./configure; make discheck"

[rofl0r]

When you hjave cinficure.ac and fee Makefile.am files all what you need to do is just "autoreconf -fiv; ./configure; make discheck"

yes, but to do that you need automake, autoconf and libtool installed, one of which requires perl5 plus GNU m4 and a variety of fragile shell scripts. also libtool is unmaintained since years and very buggy, and it goes to great length to make a user's life harder by removing explicitly passed flags such as -static and replacing -lfoo parameters with a hardcoded location to a .so file, extracted from .la files. with vanilla libtool it's practically impossible to do a proper crosscompile and static builds.

as far as the build warnings are concerned, you may have found a real issue though.

[kloczek]

You don''t need to maintain all those components. They are coming with your favourite distribution.
On top of that I have no idea about what kind of "variety of fragile shell scripts" you are talking about.
libtomcrypt has just library and test suite.
If you will look on cmake size of the cmalke is bigger than all components which you've listed.
The same is meson because it uses python.
Nevertheless size of all that tooling is completely not related to the libtomcrypt.
All what is necessary to do is just install few packages which takes few seconds.

Ahat actually is more important management features when you are using exact tooling. From that point of view am/ac/lt/pkgconfig still is unbitable. Next would be probably meson than cmake.
I have now about 2.3k rpm spec fiels cleaned in my own distribution (based on fedora).

[tkloczko@barrel SPECS]$ grep -l meson * | wc -l
228
[tkloczko@barrel SPECS]$ grep -l cmake * | wc -l
131
[tkloczko@barrel SPECS]$ grep -l automake * | wc -l
691

am/ac/lt rocks and all is working. Adding coverity, fuzzler or any other code scanner support is almost transparent. Many other macros adding more tooling features are ready to use.
meson still main problem is that because it uses as backend ninja it is not possible to separate stdout and stderr on build which makes difficult to automatically analyse build process (ninja developers are refusing to redirecting sderr to stdout).
cmake still has tons of problems (especially with passing LTO because it messes with all variables like $CC, $CXX, $AR, $MN, $RANLIB, CFLAGS, $CXXFLAGS, $LDFLAGS). Lack of standards and even encouraging developers to not use standard cmake macros coming with cmake is causing that in many maintainers are "rediscovering the wheel".
IMO cmake is on the bottom.

[karel-m]

From time to time we have requests like this - support autotools, support cmake, support Visual Studio 20?? project files etc. Some of them even come with more-or-less working build scripts/files.

Trouble is that all those contributors expect that somebody will take care of "their" build files in the future. Which usually does not mean near future but sooner or later we add, remove, rename or shuffle source files or make some significant change in macros/defines used at build-time and it is exactly the point when the original contributor is gone and we have to pay the maintenance cost.

The statement You don't need to maintain all those components. is not true.

[kloczek]

Generally there is no any obstacles to have in single tree support for all of those build tooling.

You can even keep still all your Makefile files if you want without introducing conflicts.

The statement You don't need to maintain all those components. is not true.

If you are not working on whole OS distribution (like I'm) that statement is true.
As developer all what you need to do is just keep your build/dev env up-to-date. That is really so simple.
And again to build single library + test suite as long build framework will be written as long as new features configuring source code tree will be not added nothing needs to be changed in any of the build frameworks.

[sjaeckel]

IIRC the code in question also triggers some warnings in scan-build after #524 is applied.
I've reviewed the code and tried to reproduce what is described in the warnings, but couldn't find a way to do so, which led me to disable LTC_FAST when running scan-build... maybe someone else wants to have a look into it!?

Regarding autotools... there exists already a cmake branch which only requires a rebase and some polishing, would that also be acceptable?

[rofl0r]

maybe someone else wants to have a look into it!?

i did take a look but the code is quite hard to follow, involving a lot of variables/conditions. i guess the best/easiest way to figure out when an out-of-bounds write can occur is to single-step through the code and inspect the values, or use a static analyzer such as frama-c which gives quite useful informations for code like this.