RubyGems - libmongocrypt-helper - Versions diffs - 1.13.2.0.1001 → 1.14.0.0.1001 - Mend

libmongocrypt-helper 1.13.2.0.1001 → 1.14.0.0.1001

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

data/ext/libmongocrypt/libmongocrypt/src/mlib/path.test.c CHANGED Viewed

@@ -1,8 +1,5 @@
 #include "./path.h"
-#define CHECK(Expr)                                                                                                    \
-    ((Expr) ? 0 : ((fprintf(stderr, "%s:%d: Check '%s' failed\n", __FILE__, __LINE__, #Expr), abort()), 0))
 #define TEST_DECOMP(Part, Given, Expect)                                                                               \
     MSTR_ASSERT_EQ(mpath_##Part(mstrv_view_cstr(Given), MPATH_NATIVE), mstrv_view_cstr(Expect))
@@ -12,7 +9,7 @@ static void test_make_absolute(mpath_format f, const char *part, const char *bas
     mstr_free(result);
 }
-int main() {
+int main(void) {
     mstr s = mstr_copy_cstr("/foo/bar/baz.txt");
     MSTR_ASSERT_EQ(mpath_parent(s.view, MPATH_NATIVE), mstrv_lit("/foo/bar"));
     MSTR_ASSERT_EQ(mpath_parent(mpath_parent(s.view, MPATH_NATIVE), MPATH_NATIVE), mstrv_lit("/foo"));
@@ -67,4 +64,4 @@ int main() {
     mstr_assign(&s, mpath_absolute(mstrv_lit("Z:/foo"), MPATH_POSIX));
     mstr_free(s);
-}
+}

data/ext/libmongocrypt/libmongocrypt/src/mlib/str.h CHANGED Viewed

@@ -17,6 +17,12 @@
 #include <strings.h> /* For strncasecmp. */
 #endif
+// Deliberately using old-style casts for C and C++ compatibility.
+#if defined(__cplusplus) && defined(__clang__)
+_Pragma("clang diagnostic push");
+_Pragma("clang diagnostic ignored \"-Wold-style-cast\"");
+#endif
 MLIB_C_LINKAGE_BEGIN
 /**
@@ -70,28 +76,26 @@ typedef struct mstr_view {
  * relinquish ownership of that `mstr` to the callee/caller, respectively.
  * Passing or returning an `mstr_view` is non-owning.
  */
-typedef struct mstr {
-    union {
-        struct {
-            /**
-             * @brief Pointer to the beginning of the code unit array.
-             *
-             * @note DO NOT MODIFY
-             */
-            const char *data;
-            /**
-             * @brief Length of the pointed-to code unit array
-             *
-             * @note DO NOT MODIFY
-             */
-            size_t len;
-        };
+typedef union mstr {
+    struct {
         /**
-         * @brief A non-owning `mstr_view` of the string
+         * @brief Pointer to the beginning of the code unit array.
+         *
+         * @note DO NOT MODIFY
          */
-        mstr_view view;
-    };
+        const char *data;
+        /**
+         * @brief Length of the pointed-to code unit array
+         *
+         * @note DO NOT MODIFY
+         */
+        size_t len;
+    } raw;
+    /**
+     * @brief A non-owning `mstr_view` of the string
+     */
+    mstr_view view;
 } mstr;
 /**
@@ -100,34 +104,32 @@ typedef struct mstr {
  * Returned by @ref mstr_new(). Once initialization is complete, the result can
  * be used as an @ref mstr by accessing the @ref mstr_mut::mstr member.
  */
-typedef struct mstr_mut {
-    union {
-        struct {
-            /**
-             * @brief Pointer to the beginning of the mutable code unit array.
-             *
-             * @note DO NOT MODIFY THE POINTER VALUE. Only modify the pointed-to
-             * characters.
-             */
-            char *data;
-            /**
-             * @brief Length of the pointed-to code unit array.
-             *
-             * @note DO NOT MODIFY
-             */
-            size_t len;
-        };
-        /// Convert the mutable string to an immutable string
-        struct mstr mstr;
-        /// Convert the mutable string to an immutable string view
-        mstr_view view;
-    };
+typedef union mstr_mut {
+    struct {
+        /**
+         * @brief Pointer to the beginning of the mutable code unit array.
+         *
+         * @note DO NOT MODIFY THE POINTER VALUE. Only modify the pointed-to
+         * characters.
+         */
+        char *data;
+        /**
+         * @brief Length of the pointed-to code unit array.
+         *
+         * @note DO NOT MODIFY
+         */
+        size_t len;
+    } raw;
+    /// Convert the mutable string to an immutable string
+    union mstr mstr;
+    /// Convert the mutable string to an immutable string view
+    mstr_view view;
 } mstr_mut;
 /**
  * @brief A null @ref mstr
  */
-#define MSTR_NULL (MLIB_INIT(mstr){{{NULL, 0}}})
+#define MSTR_NULL (MLIB_INIT(mstr){{NULL, 0}})
 /**
  * @brief A null @ref mstr_view
  */
@@ -153,7 +155,7 @@ typedef struct mstr_mut {
 static inline mstr_mut mstr_new(size_t len) {
 #ifndef __clang_analyzer__
     assert(len < SIZE_MAX);
-    return MLIB_INIT(mstr_mut){{{(char *)calloc(1, len + 1), len}}};
+    return MLIB_INIT(mstr_mut){{(char *)calloc(1, len + 1), len}};
 #else
     // Clang-analyzer is smart enough to see the calloc(), but not smart enough
     // to link it to the free() in mstr_free()
@@ -195,7 +197,7 @@ static inline mstr_view mstrv_view_cstr(const char *s) {
  */
 static inline mstr mstr_copy_data(const char *s, size_t len) {
     mstr_mut r = mstr_new(len);
-    memcpy(r.data, s, len);
+    memcpy(r.raw.data, s, len);
     return r.mstr;
 }
@@ -225,7 +227,7 @@ static inline mstr mstr_copy(mstr_view s) {
  * @param s The string to free
  */
 static inline void mstr_free(mstr s) {
-    free((char *)s.data);
+    free((char *)s.raw.data);
 }
 /**
@@ -236,21 +238,21 @@ static inline void mstr_free(mstr s) {
  * @param new_len The new length of the string
  */
 static inline void mstrm_resize(mstr_mut *s, size_t new_len) {
-    if (new_len <= s->len) {
-        s->len = new_len;
+    if (new_len <= s->raw.len) {
+        s->raw.len = new_len;
     } else {
-        const size_t old_len = s->len;
+        const size_t old_len = s->raw.len;
 #ifndef __clang_analyzer__
         // Clang-analyzer is smart enough to see the calloc(), but not smart
         // enough to link it to the free() in mstr_free()
         assert(new_len < SIZE_MAX);
-        s->data = (char *)realloc((char *)s->data, new_len + 1);
+        s->raw.data = (char *)realloc((char *)s->raw.data, new_len + 1);
 #endif
-        s->len = new_len;
+        s->raw.len = new_len;
         assert(new_len >= old_len);
-        memset(s->data + old_len, 0, new_len - old_len);
+        memset(s->raw.data + old_len, 0, new_len - old_len);
     }
-    s->data[new_len] = (char)0;
+    s->raw.data[new_len] = (char)0;
 }
 /**
@@ -369,7 +371,7 @@ static inline mstr mstr_splice(mstr_view s, size_t at, size_t del_count, mstr_vi
     assert(s.len - del_count <= SIZE_MAX - insert.len);
     const size_t new_size = s.len - del_count + insert.len;
     mstr_mut ret = mstr_new(new_size);
-    char *p = ret.data;
+    char *p = ret.raw.data;
     memcpy(p, s.data, at);
     p += at;
     if (insert.data) {
@@ -451,7 +453,7 @@ static inline mstr mstr_substr(mstr_view s, size_t at, size_t len) {
         len = remain;
     }
     mstr_mut r = mstr_new(len);
-    memcpy(r.data, s.data + at, len);
+    memcpy(r.raw.data, s.data + at, len);
     return r.mstr;
 }
@@ -607,7 +609,7 @@ static inline void _mstr_assert_(mstr_view left,
         if (!B) {
             mstr_assign(&pstr, mstr_prepend(pstr.view, mstrv_lit("not ")));
         }
-        _mstr_assert_fail_(left, pstr.data, right, file, line);
+        _mstr_assert_fail_(left, pstr.raw.data, right, file, line);
     }
 }
@@ -767,9 +769,9 @@ static inline mstr_narrow_result mstr_win32_narrow(const wchar_t *wstring) {
                                       wcflags,
                                       wstring,
                                       -1,
-                                      ret.data,
+                                      ret.raw.data,
                                       // Plus one byte for the NUL
-                                      (int)(ret.len + 1),
+                                      (int)(ret.raw.len + 1),
                                       NULL,
                                       NULL);
     assert(length == got_len);
@@ -906,4 +908,9 @@ static mlib_constexpr_fn size_t mlib_strnmcopy(char *dst, size_t dst_bufsize, co
 MLIB_C_LINKAGE_END
+// Deliberately using old-style casts for C and C++ compatibility.
+#if defined(__cplusplus) && defined(__clang__)
+_Pragma("clang diagnostic pop");
+#endif
 #endif // MONGOCRYPT_STR_PRIVATE_H

data/ext/libmongocrypt/libmongocrypt/src/mlib/str.test.c CHANGED Viewed

@@ -5,16 +5,16 @@
 #define test_predicate(Bool, Left, Pred, Right) MSTR_ASSERT(Bool, mstrv_lit(Left), Pred, mstrv_lit(Right))
-int main() {
+int main(void) {
     // Test the null-initializers:
     mstr str = MSTR_NULL;
     mstr_view null_view = MSTRV_NULL;
     (void)null_view;
     str = mstr_copy_cstr("foo");
-    CHECK(str.len == 3);
+    CHECK(str.raw.len == 3);
     MSTR_ASSERT_EQ(str.view, mstrv_lit("foo"));
-    CHECK(strncmp(str.data, "foo", 3) == 0);
+    CHECK(strncmp(str.raw.data, "foo", 3) == 0);
     mstr_inplace_append(&str, mstrv_lit("bar"));
     MSTR_ASSERT_EQ(str.view, mstrv_lit("foobar"));

data/ext/libmongocrypt/libmongocrypt/src/mlib/thread.h CHANGED Viewed

@@ -40,7 +40,7 @@ typedef struct mlib_once_flag {
  */
 typedef void (*mlib_init_once_fn_t)(void);
-#if _WIN32
+#if defined(_WIN32)
 /**
  * An indirection layer for mlib_once on Windows platforms. Do not use directly.
  */

data/ext/libmongocrypt/libmongocrypt/src/mlib/user-check.h CHANGED Viewed

@@ -1,4 +1,4 @@
 #ifndef MLIB_USER
 #error                                                                                                                 \
     "The file being compiled transitively #include'd a mongo-mlib header, but is not a direct consumer of mlib, which is a private library for MongoDB C driver libraries"
-#endif
+#endif

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo-private.h CHANGED Viewed

@@ -20,4 +20,4 @@
 void _mongocrypt_cache_collinfo_init(_mongocrypt_cache_t *cache);
-#endif /* MONGOCRYPT_CACHE_COLLINFO_PRIVATE_H */
+#endif /* MONGOCRYPT_CACHE_COLLINFO_PRIVATE_H */

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c CHANGED Viewed

@@ -14,6 +14,10 @@
  * limitations under the License.
  */
+#include "mongocrypt-cache-collinfo-private.h"
+//
 #include "mongocrypt-cache-private.h"
 /* The collinfo cache.

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext-private.h CHANGED Viewed

@@ -22,7 +22,7 @@
 #include "mongocrypt.h"
 /**
- * Produced by mongocrypt-marking.c from _mongocrypt_marking_t
+ * Produced by mongocrypt-marking.u.fle1.c from _mongocrypt_marking_t
  * as encrypted payloads for blob_subtypes:
  *   FLE1DeterministicEncryptedValue(1)
  *   FLE1RandomEncryptedValue(2)

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto-private.h CHANGED Viewed

@@ -77,18 +77,18 @@ typedef struct {
 // FLE1 algorithm: AES-256-CBC HMAC/SHA-512-256 (SHA-512 truncated to 256 bits)
 // Algorithm is documented in [FLE and
 // AEAD](https://docs.google.com/document/d/1D8xTXWo1B1dunO0bDZhPdolKTMbbD5fUIgsERubWRmY)
-const _mongocrypt_value_encryption_algorithm_t *_mcFLE1Algorithm();
+const _mongocrypt_value_encryption_algorithm_t *_mcFLE1Algorithm(void);
 // FLE2 general algorithm: AES-256-CTR HMAC/SHA-256
 // Algorithm is documented in [AEAD with
 // CTR](https://docs.google.com/document/d/1eCU7R8Kjr-mdyz6eKvhNIDVmhyYQcAaLtTfHeK7a_vE/).
-const _mongocrypt_value_encryption_algorithm_t *_mcFLE2AEADAlgorithm();
+const _mongocrypt_value_encryption_algorithm_t *_mcFLE2AEADAlgorithm(void);
 // FLE2 used with FLE2IndexedEncryptedValue: AES-256-CTR no HMAC
-const _mongocrypt_value_encryption_algorithm_t *_mcFLE2Algorithm();
+const _mongocrypt_value_encryption_algorithm_t *_mcFLE2Algorithm(void);
 // FLE2AEAD general algorithm: AES-256-CBC HMAC/SHA-256
-const _mongocrypt_value_encryption_algorithm_t *_mcFLE2v2AEADAlgorithm();
+const _mongocrypt_value_encryption_algorithm_t *_mcFLE2v2AEADAlgorithm(void);
 bool _mongocrypt_random(_mongocrypt_crypto_t *crypto,
                         _mongocrypt_buffer_t *out,

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto.c CHANGED Viewed

@@ -305,9 +305,7 @@ bool _mongocrypt_hmac_sha_256(_mongocrypt_crypto_t *crypto,
     BSON_ASSERT_PARAM(out);
     if (key->len != MONGOCRYPT_MAC_KEY_LEN) {
-        CLIENT_ERR("invalid hmac_sha_256 key length. Got %" PRIu32 ", expected: %" PRIu32,
-                   key->len,
-                   MONGOCRYPT_MAC_KEY_LEN);
+        CLIENT_ERR("invalid hmac_sha_256 key length. Got %" PRIu32 ", expected: %d", key->len, MONGOCRYPT_MAC_KEY_LEN);
         return false;
     }
@@ -501,12 +499,14 @@ static bool _encrypt_step(_mongocrypt_crypto_t *crypto,
     *bytes_written = 0;
     if (MONGOCRYPT_IV_LEN != iv->len) {
-        CLIENT_ERR("IV should have length %d, but has length %d", MONGOCRYPT_IV_LEN, iv->len);
+        CLIENT_ERR("IV should have length %d, but has length %" PRIu32, MONGOCRYPT_IV_LEN, iv->len);
         return false;
     }
     if (MONGOCRYPT_ENC_KEY_LEN != enc_key->len) {
-        CLIENT_ERR("Encryption key should have length %d, but has length %d", MONGOCRYPT_ENC_KEY_LEN, enc_key->len);
+        CLIENT_ERR("Encryption key should have length %d, but has length %" PRIu32,
+                   MONGOCRYPT_ENC_KEY_LEN,
+                   enc_key->len);
         return false;
     }
@@ -575,7 +575,9 @@ static bool _encrypt_step(_mongocrypt_crypto_t *crypto,
     }
     if (*bytes_written % MONGOCRYPT_BLOCK_SIZE != 0) {
-        CLIENT_ERR("encryption failure, wrote %d bytes, not a multiple of %d", *bytes_written, MONGOCRYPT_BLOCK_SIZE);
+        CLIENT_ERR("encryption failure, wrote %" PRIu32 " bytes, not a multiple of %d",
+                   *bytes_written,
+                   MONGOCRYPT_BLOCK_SIZE);
         return false;
     }
@@ -628,12 +630,12 @@ static bool _hmac_step(_mongocrypt_crypto_t *crypto,
     _mongocrypt_buffer_init(&to_hmac);
     if (MONGOCRYPT_MAC_KEY_LEN != Km->len) {
-        CLIENT_ERR("HMAC key wrong length: %d", Km->len);
+        CLIENT_ERR("HMAC key wrong length: %" PRIu32, Km->len);
         goto done;
     }
     if (out->len != MONGOCRYPT_HMAC_LEN) {
-        CLIENT_ERR("out wrong length: %d", out->len);
+        CLIENT_ERR("out wrong length: %" PRIu32, out->len);
         goto done;
     }
@@ -761,18 +763,18 @@ static bool _mongocrypt_do_encryption(_mongocrypt_crypto_t *crypto,
         return false;
     }
     if (expect_ciphertext_len != ciphertext->len) {
-        CLIENT_ERR("output ciphertext should have been allocated with %d bytes", expect_ciphertext_len);
+        CLIENT_ERR("output ciphertext should have been allocated with %" PRIu32 " bytes", expect_ciphertext_len);
         return false;
     }
     if (MONGOCRYPT_IV_LEN != iv->len) {
-        CLIENT_ERR("IV should have length %d, but has length %d", MONGOCRYPT_IV_LEN, iv->len);
+        CLIENT_ERR("IV should have length %d, but has length %" PRIu32, MONGOCRYPT_IV_LEN, iv->len);
         return false;
     }
     const uint32_t expected_key_len = (key_format == KEY_FORMAT_FLE2) ? MONGOCRYPT_ENC_KEY_LEN : MONGOCRYPT_KEY_LEN;
     if (key->len != expected_key_len) {
-        CLIENT_ERR("key should have length %d, but has length %d", expected_key_len, key->len);
+        CLIENT_ERR("key should have length %" PRIu32 ", but has length %" PRIu32, expected_key_len, key->len);
         return false;
     }
@@ -886,11 +888,13 @@ static bool _decrypt_step(_mongocrypt_crypto_t *crypto,
     *bytes_written = 0;
     if (MONGOCRYPT_IV_LEN != iv->len) {
-        CLIENT_ERR("IV should have length %d, but has length %d", MONGOCRYPT_IV_LEN, iv->len);
+        CLIENT_ERR("IV should have length %d, but has length %" PRIu32, MONGOCRYPT_IV_LEN, iv->len);
         return false;
     }
     if (MONGOCRYPT_ENC_KEY_LEN != enc_key->len) {
-        CLIENT_ERR("encryption key should have length %d, but has length %d", MONGOCRYPT_ENC_KEY_LEN, enc_key->len);
+        CLIENT_ERR("encryption key should have length %d, but has length %" PRIu32,
+                   MONGOCRYPT_ENC_KEY_LEN,
+                   enc_key->len);
         return false;
     }
@@ -986,8 +990,8 @@ static bool _mongocrypt_do_decryption(_mongocrypt_crypto_t *crypto,
         return false;
     }
     if (plaintext->len != expect_plaintext_len) {
-        CLIENT_ERR("output plaintext should have been allocated with %d bytes, "
-                   "but has: %d",
+        CLIENT_ERR("output plaintext should have been allocated with %" PRIu32 " bytes, "
+                   "but has: %" PRIu32,
                    expect_plaintext_len,
                    plaintext->len);
         return false;
@@ -1004,13 +1008,13 @@ static bool _mongocrypt_do_decryption(_mongocrypt_crypto_t *crypto,
     const uint32_t expected_key_len = (key_format == KEY_FORMAT_FLE2) ? MONGOCRYPT_ENC_KEY_LEN : MONGOCRYPT_KEY_LEN;
     if (expected_key_len != key->len) {
-        CLIENT_ERR("key should have length %d, but has length %d", expected_key_len, key->len);
+        CLIENT_ERR("key should have length %" PRIu32 ", but has length %" PRIu32, expected_key_len, key->len);
         return false;
     }
     const uint32_t min_cipherlen = _mongocrypt_calculate_ciphertext_len(0, mode, hmac, NULL);
     if (ciphertext->len < min_cipherlen) {
-        CLIENT_ERR("corrupt ciphertext - must be >= %d bytes", min_cipherlen);
+        CLIENT_ERR("corrupt ciphertext - must be >= %" PRIu32 " bytes", min_cipherlen);
         return false;
     }
@@ -1138,7 +1142,9 @@ static bool _mongocrypt_do_decryption(_mongocrypt_crypto_t *crypto,
         _mc_##name##_do_encryption,                                                                                    \
         _mc_##name##_do_decryption,                                                                                    \
     };                                                                                                                 \
-    const _mongocrypt_value_encryption_algorithm_t *_mc##name##Algorithm() { return &_mc##name##Algorithm_definition; }
+    const _mongocrypt_value_encryption_algorithm_t *_mc##name##Algorithm(void) {                                       \
+        return &_mc##name##Algorithm_definition;                                                                       \
+    }
 // FLE1 algorithm: AES-256-CBC HMAC/SHA-512-256 (SHA-512 truncated to 256 bits)
 DECLARE_ALGORITHM(FLE1, CBC, SHA_512_256)
@@ -1181,7 +1187,7 @@ bool _mongocrypt_random(_mongocrypt_crypto_t *crypto,
     BSON_ASSERT_PARAM(out);
     if (count != out->len) {
-        CLIENT_ERR("out should have length %d, but has length %d", count, out->len);
+        CLIENT_ERR("out should have length %" PRIu32 ", but has length %" PRIu32, count, out->len);
         return false;
     }
@@ -1233,11 +1239,11 @@ bool _mongocrypt_calculate_deterministic_iv(_mongocrypt_crypto_t *crypto,
     BSON_ASSERT_PARAM(out);
     if (MONGOCRYPT_KEY_LEN != key->len) {
-        CLIENT_ERR("key should have length %d, but has length %d\n", MONGOCRYPT_KEY_LEN, key->len);
+        CLIENT_ERR("key should have length %d, but has length %" PRIu32 "\n", MONGOCRYPT_KEY_LEN, key->len);
         goto done;
     }
     if (MONGOCRYPT_IV_LEN != out->len) {
-        CLIENT_ERR("out should have length %d, but has length %d\n", MONGOCRYPT_IV_LEN, out->len);
+        CLIENT_ERR("out should have length %d, but has length %" PRIu32 "\n", MONGOCRYPT_IV_LEN, out->len);
         goto done;
     }
@@ -1300,7 +1306,7 @@ bool _mongocrypt_wrap_key(_mongocrypt_crypto_t *crypto,
     _mongocrypt_buffer_init(encrypted_dek);
     if (dek->len != MONGOCRYPT_KEY_LEN) {
-        CLIENT_ERR("data encryption key is incorrect length, expected: %" PRIu32 ", got: %" PRIu32,
+        CLIENT_ERR("data encryption key is incorrect length, expected: %d, got: %" PRIu32,
                    MONGOCRYPT_KEY_LEN,
                    dek->len);
         goto done;
@@ -1348,9 +1354,7 @@ bool _mongocrypt_unwrap_key(_mongocrypt_crypto_t *crypto,
     dek->len = bytes_written;
     if (dek->len != MONGOCRYPT_KEY_LEN) {
-        CLIENT_ERR("decrypted key is incorrect length, expected: %" PRIu32 ", got: %" PRIu32,
-                   MONGOCRYPT_KEY_LEN,
-                   dek->len);
+        CLIENT_ERR("decrypted key is incorrect length, expected: %d, got: %" PRIu32, MONGOCRYPT_KEY_LEN, dek->len);
         return false;
     }
     return true;

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c CHANGED Viewed

@@ -469,7 +469,8 @@ static bool _finalize(mongocrypt_ctx_t *ctx, mongocrypt_binary_t *out) {
     if (!(_stmt)) {                                                                                                    \
         bson_destroy(&key_doc);                                                                                        \
         return _mongocrypt_ctx_fail_w_msg(ctx, "unable to construct BSON doc");                                        \
-    }
+    } else                                                                                                             \
+        ((void)0)
     dkctx = (_mongocrypt_ctx_datakey_t *)ctx;
@@ -566,4 +567,4 @@ bool mongocrypt_ctx_datakey_init(mongocrypt_ctx_t *ctx) {
     ret = true;
 done:
     return ret;
-}
+}

data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c CHANGED Viewed

@@ -29,19 +29,22 @@
 #define CHECK_AND_RETURN(cond)                                                                                         \
     if (!(cond)) {                                                                                                     \
         goto fail;                                                                                                     \
-    }
+    } else                                                                                                             \
+        ((void)0)
 #define CHECK_AND_RETURN_STATUS(cond, msg)                                                                             \
     if (!(cond)) {                                                                                                     \
         CLIENT_ERR(msg);                                                                                               \
         goto fail;                                                                                                     \
-    }
+    } else                                                                                                             \
+        ((void)0)
 #define CHECK_AND_RETURN_KB_STATUS(cond)                                                                               \
     if (!(cond)) {                                                                                                     \
         _mongocrypt_key_broker_status(kb, status);                                                                     \
         goto fail;                                                                                                     \
-    }
+    } else                                                                                                             \
+        ((void)0)
 static bool _replace_FLE2IndexedEncryptedValue_with_plaintext(void *ctx,
                                                               _mongocrypt_buffer_t *in,