forked from clearlinux/cve-check-tool
-
Notifications
You must be signed in to change notification settings - Fork 2
/
HACKING
128 lines (100 loc) · 4.36 KB
/
HACKING
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
Hacking cve-check-tool
----------------------
Indentation is strictly 8 spaces (set tab stops to 8 spaces) - No tabs
No spaces between function name and parentheses. Only use space after
"if (", etc.
Curly braces must be on the same line (i.e. expressions) unless it
is the function declaration:
Acceptable:
int main(int argc, char **argv)
{
if (someThingOrOther) {
// Do something
}
return 0;
}
Unacceptable:
int main(int argc, char **argv) {
if(someThingOrOther)
{
// Do something
}
return 0;
}
When appropriate remember to declare your function first! It helps when
looking back through the file.
Use consistent pointers! "*" should prefix your variable name. Also ensure
your pointers (where appropriate) are not left uninitialized, resulting
in broken g_free() calls.
Acceptable:
char *something = NULL;
doFunc(&something);
Unacceptable:
char* something;
doFunc(&someThing);
Minimise your use of "goto"'s, and test every code path is reached. Also
ensure *every* if/else, etc, even if single line, is wrapped in curly braces.
Memory management:
------------------
cve-check-tool prefers a scope-based approach to memory management,
employing a RAII-like system for allocations. Where possible, avoid
explicit free's and reuse of unrelated variables.
util.h defines a number of autofree()-ready types. These are implemented
using __attribute__ ((cleanup(x))), available in GCC and Clang. Thus,
MSVC (and potentially other compilers) are not supported.
An autofree variable is declared using the autofree() macro, which is
primarily provided for syntatical sugar. Here is an example of a
variable that is automatically reaped/freed when it goes out of scope:
autofree(GError) *error = NULL;
Remember that these *are* scope sensitive, so the following would result
in undefined behaviour:
gchar *somestr = NULL;
{
autofree(gchar) *str = g_strdup_printf("Scoped string\n");
somestr = str;
}
printf("%s: %d\n", somestr, strlen(somestr));
At this point, 'str' has been freed, and somestr still points to the
memory that has now been freed.
As a rule of thumb, if you find yourself in an instance where you have
used an explicit free/unref in a fashion that could be automated, you
should define the cleanup function in util.h (see DEF_AUTOFREE)
C99 vs GLibisms
---------------
cve-check-tool is implemented using C99 (not GNU C99) and as such must
build with either GCC or Clang using C99 mode (-std=c99). We use the
stdbool type "bool", and public methods should use these in place of
GLib's "gboolean" (which is an integer)
Unless absolutely required, prefer non GIO/GLib methods, as they are
known to cause leaks, and introduce non-portable changes for a high
cost. An example of this is gio leaking both memory and file descriptors
on exit.
Currently there is an ongoing effort to strip all of GIO/GLib usage from
cve-check-tool, so when writing new code please avoid using these libraries.
String Handling
---------------
Internally some code paths may still make use of g_strdup, strdup, asprintf,
etc. Note that the use of the 'strlen' function is not permitted within
cve-check-tool. If you require access to a string length, then please use
the safe cve_string functions:
/* duplicate a string and compare it*/
cve_string *str = cve_string_dup("some text");
if (cve_string_const_equal(str, "some text")) {
printf("Equal\n");
}
cve_string_free(str);
/* printf style dup */
cve_string *str = cve_string_dup_printf("X is: %d", x);
/* Access internal string and length */
printf("String (len: %d): %s\n", str->len, str->str);
Also note scope based autofree helpers exist for cve_string, so you should
only rarely need to manually free a cve_string:
{
autofree(cve_string) *str = NULL;
str = cve_string_dup("some text");
} /* Out of scope, now freed */
Pull Requests/commiting:
------------------------
Commits should clearly define the purpose in less than 80 columns in
the first line. Futher expansion, if needed, should be provided in a
following paragraph, separated by one blank line.