Closed Bug 518255 Opened 15 years ago Closed 15 years ago

The input buffer for SGN_Update should be declared const

Categories

(NSS :: Libraries, defect)

Product:
NSS
Component:
Libraries
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.6

People

(Reporter: wtc, Assigned: wtc)

Details

Attachments

(2 files)

Proposed patch (checked in)
1.97 KB, patch
nelson
: review+
Details | Diff | Splinter Review
Add const to SEC_SignData and VFY_VerifyData (checked in)
4.88 KB, patch
alvolkov.bgs
: review+
Details | Diff | Splinter Review
The input buffer for SGN_Update should be declared const. The input buffer is passed to cx->hashobj->update(): http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/cryptohi/secsign.c&rev=1.20&mark=143,149#142 which declares its input buffer as const: http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/freebl/hasht.h&rev=1.7&mark=74,80#71 So no other changes are needed.
Attachment #402240 - Flags: review?(alexei.volkov.bugs)
Status: NEW → ASSIGNED
Target Milestone: --- → 3.12.5
Version: 3.12.5 → unspecified
Attachment #402240 - Flags: review?(alexei.volkov.bugs) → review+
Comment on attachment 402240 [details] [diff] [review] Proposed patch (checked in) r=nelson
Comment on attachment 402240 [details] [diff] [review] Proposed patch (checked in) I checked in this patch on the NSS trunk for NSS 3.12.5. Checking in cryptohi.h; /cvsroot/mozilla/security/nss/lib/cryptohi/cryptohi.h,v <-- cryptohi.h new revision: 1.13; previous revision: 1.12 done Checking in secsign.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v <-- secsign.c new revision: 1.21; previous revision: 1.20 done
Attachment #402240 - Attachment description: Proposed patch → Proposed patch (checked in)
I reviewed the other functions declared in cryptohi.h, and found two more functions whose parameters should also be declared as const. Note: SEC_DerSignData's input parameter 'buf' should also be declared as const, but it requires a cast to cast away the const when we assign 'buf' to a SECItem's data member. The code reviewer would need to verify it's safe to do that. So I omitted that change to keep this patch simple.
Attachment #402581 - Flags: review?(alexei.volkov.bugs)
Wan-Teh, are you still working on this issue (whatever it is?) Do you think you will continue to find more changes of this sort? If so, let's wait until you think you've found them all and you have produced a "final" patch before doing more reviews.
This is the final patch. I limit the scope of this bug to the functions declared in cryptohi.h.
Comment on attachment 402581 [details] [diff] [review] Add const to SEC_SignData and VFY_VerifyData (checked in) r=alexei
Attachment #402581 - Flags: review?(alexei.volkov.bugs) → review+
Comment on attachment 402581 [details] [diff] [review] Add const to SEC_SignData and VFY_VerifyData (checked in) I checked in this patch on the NSS trunk (NSS 3.12.6). Checking in cryptohi.h; /cvsroot/mozilla/security/nss/lib/cryptohi/cryptohi.h,v <-- cryptohi.h new revision: 1.14; previous revision: 1.13 done Checking in secsign.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secsign.c,v <-- secsign.c new revision: 1.22; previous revision: 1.21 done Checking in secvfy.c; /cvsroot/mozilla/security/nss/lib/cryptohi/secvfy.c,v <-- secvfy.c new revision: 1.23; previous revision: 1.22 done
Attachment #402581 - Attachment description: Add const to SEC_SignData and VFY_VerifyData → Add const to SEC_SignData and VFY_VerifyData (checked in)
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Target Milestone: 3.12.5 → 3.12.6
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: