[gnutls-devel] GnuTLS | restrict allowlisting api to before priority string initialization (!1533)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed Feb 16 18:33:36 CET 2022



Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1533 was reviewed by Daiki Ueno

--
  
Daiki Ueno started a new discussion on lib/priority.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306639

> +		_gnutls_debug_log("cfg: unable to construct "
> +				  "system-wide priority string: %s",
> +				  strerror(ret));
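
Review bot: `strerror(ret)` in the last argument is only correct if `ret` holds an errno value; if it carries a GnuTLS error code, the logged text will not describe the actual failure, so `gnutls_strerror(ret)` belongs there. The format string also ends at `%s` with no newline, which is worth checking against how the other `_gnutls_debug_log` calls in this file terminate their messages.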

`gnutls_strerror`?

--
  
Daiki Ueno started a new discussion on lib/priority.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306671

> -		goto out;
> +	if (system_priority_file_loaded) {
> +		system_priority_file_loaded = \

no need for the trailing backslash

--
  
Daiki Ueno started a new discussion on lib/priority.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306676

>  
> -	ret = _gnutls_update_system_priorities();
> +	ret = _gnutls_update_system_priorities(1 /* defer_system_wide */);

Let's just use `true`

--
  
Daiki Ueno started a new discussion on lib/priority.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306679

>  	 */
> -	ret = _gnutls_update_system_priorities();
> +	ret = _gnutls_update_system_priorities(0 /* defer_system_wide */);

`false`

--
  
Daiki Ueno started a new discussion on lib/config_int.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306702

> + */
> +
> +#define COPY_ARRAY_NULL_TERMINATE(dst, src, len) \
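
Review bot: `COPY_ARRAY_NULL_TERMINATE(dst, src, len)` has no parameter for the capacity of `dst`, so nothing in its signature lets it check that `len` elements plus the terminator fit. As a multi-line macro it may also evaluate `src` or `len` more than once, depending on the body. An inline function that takes the destination capacity and returns an error when the copy would not fit makes the bound explicit and evaluates each argument once.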

I'd rather define this kind of procedural macro as an inline function, to avoid variable name clashes, to make it easier to debug, etc. As for the implementation, can't we simply use `memcpy`?

--
  
Daiki Ueno started a new discussion on lib/config_int.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306710

> + */
> +
> +#define APPEND_TO_NULL_TERMINATED_ARRAY(dst, element) \
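
Review bot: the signature `APPEND_TO_NULL_TERMINATED_ARRAY(dst, element)` carries no capacity for `dst`, so an append to an already full array cannot be detected from the arguments alone. When this is turned into a function, have it take the array size and return an error code for the full case, and state in the comment above it whether the terminator slot counts toward that size.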

Let's make it an inline function.

--
  
Daiki Ueno started a new discussion on lib/priority.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1533#note_845306726

> +	(void)gnutls_rwlock_unlock(&system_wide_config_rwlock);
> +	return ret;
> +#endif
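
Review bot: the `(void)` cast on `gnutls_rwlock_unlock(&system_wide_config_rwlock)` discards an unlock failure, which could leave the system-wide config lock held with nothing recorded. Check the result and at least log it before `return ret;`, or add a short comment saying why the failure is safe to ignore on this path.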

Not an issue in this MR, but I'd add `#else` to avoid unreachable code.

