[libvirt] [PATCH v4 04/13] _virConnectCredential: turn @prompt into char *
Eric Blake
eblake at redhat.com
Mon May 20 23:24:43 UTC 2013
On 05/20/2013 11:55 AM, Michal Privoznik wrote:
> Currently, @prompt member within _virConnectCredential struct is const
> char. This violates const correctness as we are not just strdup()-ing
> the value, we are even changing it (e.g. in virNetSSHKbIntCb()).
> ---
> include/libvirt/libvirt.h.in | 2 +-
> src/remote/remote_driver.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
I am not comfortable with this one. This is an API change that WILL
cause compilation to fail on anyone that compiled against the old type.
>
> diff --git a/include/libvirt/libvirt.h.in b/include/libvirt/libvirt.h.in
> index 1804c93..1bd3d1a 100644
> --- a/include/libvirt/libvirt.h.in
> +++ b/include/libvirt/libvirt.h.in
> @@ -1294,7 +1294,7 @@ typedef enum {
>
> struct _virConnectCredential {
> int type; /* One of virConnectCredentialType constants */
> - const char *prompt; /* Prompt to show to user */
> + char *prompt; /* Prompt to show to user */
Is the USER allowed to change prompt? Or is the only place where it is
changed our internal code?
> const char *challenge; /* Additional challenge to show */
> const char *defresult; /* Optional default result */
> char *result; /* Result to be filled with user response (or defresult) */
Remember, the user WILL be changing result.
> diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
> index 13212d0..97be2a0 100644
> --- a/src/remote/remote_driver.c
> +++ b/src/remote/remote_driver.c
> @@ -3733,7 +3733,7 @@ static int remoteAuthMakeCredentials(sasl_interact_t *interact,
> }
> if (interact[*ncred].challenge)
> (*cred)[*ncred].challenge = interact[ninteract].challenge;
> - (*cred)[*ncred].prompt = interact[ninteract].prompt;
> + (*cred)[*ncred].prompt = (char *) interact[ninteract].prompt;
I'm still not convinced this is right. Is casting away const
sufficient, or should we be strdup'ing here?
> if (interact[*ncred].defresult)
> (*cred)[*ncred].defresult = interact[ninteract].defresult;
> (*cred)[*ncred].result = NULL;
>
I'd really like someone else to weigh in on this one.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130520/63b5f1e2/attachment-0001.sig>
More information about the libvir-list
mailing list