internal.c: extract functions to make code cleaner#10841
Conversation
|
5ac2cb8 to
d47fff1
Compare
wolfSSL-Fenrir-bot
left a comment
There was a problem hiding this comment.
Fenrir Automated Review — PR #10841
Scan targets checked: wolfssl-bugs, wolfssl-src
Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)
This review was generated automatically by Fenrir. Findings are non-blocking.
bebac71 to
9138119
Compare
dgarske
left a comment
There was a problem hiding this comment.
Skoll Code Review
Scan type: reviewOverall recommendation: COMMENT
Findings: 2 total — 2 posted, 0 skipped
2 finding(s) posted as inline comments (see file-level comments below)
Posted findings
- [Info] New block scopes introduced solely to declare helper-return variables —
src/internal.c:7445-7449, 14615-14621, 14704-14708, 14713-14717, 14770-14774 - [Info] skipAddCA now set unconditionally before pending-CA helper call —
src/internal.c:17494-17499
Review generated by Skoll
| * the context has a well defined role. */ | ||
| if (newSSL || ctx->method->side != WOLFSSL_NEITHER_END) { | ||
| ssl->options.side = (word16)(ctx->method->side); | ||
| #ifndef NO_CERTS |
There was a problem hiding this comment.
⚪ [Info] New block scopes introduced solely to declare helper-return variables
The refactor introduces bare { int certRet = ...; } and { int copyRet = ...; } scopes purely to hold a helper's return value. The project C89 style rule states "No new { ... } scope just to declare." That said, this deviation is functionally justified: in SetSSL_CTX a separate certRet is required because assigning the helper's 0-on-success result into the function-level ret would clobber the WOLFSSL_SUCCESS value that must be returned on the writeDup != 0 path; in CopyDecodedToX509 the copyRet pattern preserves error-code priority (only overwrite ret when the new op fails). So the choice is correct, just stylistically at odds with the stated convention.
Fix: Acceptable as-is given the semantics. Optionally hoist the temp declaration to the top of the enclosing function/block to match the C89 convention, but do NOT reuse the function-level ret in SetSSL_CTX (that would change the success return value).
There was a problem hiding this comment.
Hoisted the block-scope temps (C89 "no new scope just to declare")
| @@ -16672,52 +17492,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, | |||
| #endif | |||
| #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) | |||
| if (ret == 0 && addToPendingCAs && !alreadySigner) { | |||
There was a problem hiding this comment.
⚪ [Info] skipAddCA now set unconditionally before pending-CA helper call
In the original inline code, skipAddCA = 1; was set only after ParseCert/AllocDer/MakeSigner/FillSigner all succeeded (just before TLSX_CSR2_AddPendingSigner). The refactor moves skipAddCA = 1; to run unconditionally before ProcessPeerCertAddPendingCA(). This is behaviorally equivalent because skipAddCA is only consulted later under an if (ret == 0 && ... && !skipAddCA) guard (line 17504-17505), and any failure inside the helper returns non-zero and immediately goto exit_ppc, so the differing skipAddCA value on the error path is never read. Flagging only so the intent is documented.
Fix: No change required; behavior is preserved. Optionally add a brief comment noting skipAddCA only matters on the ret==0 continuation path.
There was a problem hiding this comment.
Added a comment at the ProcessPeerCertAddPendingCA call site (no behavior change), capturing this.
dgarske
left a comment
There was a problem hiding this comment.
This refactor looks great. There is a few empty braces in the refactor. I did a function by function review and the refactor looks good.
9138119 to
9918a11
Compare
|
Jenkins: retest this please |
Description
Extracted to functions pieces of code from very long functions.
Testing
enable-all