Closed Bug 518255 Opened 15 years ago Closed 14 years ago

The input buffer for SGN_Update should be declared const

Categories

(NSS :: Libraries, defect)

defect
Not set
minor

Tracking

(Not tracked)

RESOLVED FIXED
3.12.6

People

(Reporter: wtc, Assigned: wtc)

Details

Attachments

(2 files)

The input buffer for SGN_Update should be declared const.

The input buffer is passed to cx->hashobj->update():

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/cryptohi/secsign.c&rev=1.20&mark=143,149#142

which declares its input buffer as const:

http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/freebl/hasht.h&rev=1.7&mark=74,80#71

So no other changes are needed.
Attachment #402240 - Flags: review?(alexei.volkov.bugs)
Status: NEW → ASSIGNED
Target Milestone: --- → 3.12.5
Version: 3.12.5 → unspecified
Attachment #402240 - Flags: review?(alexei.volkov.bugs) → review+
Comment on attachment 402240 [details] [diff] [review]
Proposed patch (checked in)

r=nelson
Comment on attachment 402240 [details] [diff] [review]
Proposed patch (checked in)

I checked in this patch on the NSS trunk for NSS 3.12.5.

Checking in cryptohi.h;
/cvsroot/mozilla/security/nss/lib/cryptohi/cryptohi.h,v  <--  cryptohi.h
new revision: 1.13; previous revision: 1.12
done
Checking in secsign.c;
/cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v  <--  secsign.c
new revision: 1.21; previous revision: 1.20
done
Attachment #402240 - Attachment description: Proposed patch → Proposed patch (checked in)
I reviewed the other functions declared in cryptohi.h,
and found two more functions whose parameters should
also be declared as const.

Note: SEC_DerSignData's input parameter 'buf' should also
be declared as const, but it requires a cast to cast away
the const when we assign 'buf' to a SECItem's data member.
The code reviewer would need to verify it's safe to do
that.  So I omitted that change to keep this patch simple.
Attachment #402581 - Flags: review?(alexei.volkov.bugs)
Wan-Teh, are you still working on this issue (whatever it is?) 
Do you think you will continue to find more changes of this sort?
If so, let's wait until you think you've found them all and you have 
produced a "final" patch before doing more reviews.
This is the final patch.  I limit the scope of this bug to
the functions declared in cryptohi.h.
Comment on attachment 402581 [details] [diff] [review]
Add const to SEC_SignData and VFY_VerifyData (checked in)

r=alexei
Attachment #402581 - Flags: review?(alexei.volkov.bugs) → review+
Comment on attachment 402581 [details] [diff] [review]
Add const to SEC_SignData and VFY_VerifyData (checked in)

I checked in this patch on the NSS trunk (NSS 3.12.6).

Checking in cryptohi.h;
/cvsroot/mozilla/security/nss/lib/cryptohi/cryptohi.h,v  <--  cryptohi.h
new revision: 1.14; previous revision: 1.13
done
Checking in secsign.c;
/cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v  <--  secsign.c
new revision: 1.22; previous revision: 1.21
done
Checking in secvfy.c;
/cvsroot/mozilla/security/nss/lib/cryptohi/secvfy.c,v  <--  secvfy.c
new revision: 1.23; previous revision: 1.22
done
Attachment #402581 - Attachment description: Add const to SEC_SignData and VFY_VerifyData → Add const to SEC_SignData and VFY_VerifyData (checked in)
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Target Milestone: 3.12.5 → 3.12.6
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: