Unlike assert(3), which uses abort(3), this has no other side effects (before raising SIGABRT) than an fprintf() call. The test framework will catch the SIGABRT, report that the test case failed, and proceed with the next case.
It is reasonable to assume that a SIGABRT originates from a call to abort(3), either directly or via assert(3). Both the C standard and POSIX give the implementation great latitude with regard to abort(3)'s behavior, and both explicitly mention that it may close all streams before raising SIGABRT. This means that we cannot safely proceed after a call to abort(3). One could argue that we can't safely proceed after a SIGBUS or SIGSEGV either, but in practice, the damage is usually quite limited.
It does not seem that gcc accepts casting to void as an alternative to actually checking the result. The only recourse we have is to disable the warning.
All further instances of asprintf() or vasprintf() in our codebase are either in libcryb-test or in individual unit tests, and in all cases, the only consequence of a failed call is that the result will say "no description" instead of either a description of the test or an explanation of how it failed. Therefore, we can simply ignore the problem and cast the call to void to satisfy gcc.
This is actually redundant, because we already check the pointer, which is NULL if and only if asprintf() fails and returns < 0, but the version of gcc used by Travis CI insists. I have not been able to reproduce the issue on any other platform available to me.
POSIX requires <stdio.h> and <unistd.h> to define off_t and ssize_t like <sys/types.h> does, but not all platforms respect that. Play it safe by always including <sys/types.h>.
Instead of having libcryb-test provide main() and assume that the test program defines t_prepare() and t_cleanup(), have libcryb-test provide a t_main() function which the test program calls with pointers to its prepare and cleanup functions.
When decoding a trigram, percent_decode() would correctly increment the input pointer by an extra two characters (three total) but would not decrement the input length by the same amount. This would result in a buffer over-read when decoding unterminated strings.
