New 0.95 API concerns
Eugene Crosser <crosser <at> average.org>
2009-03-02 09:39:47 GMT
I have a couple of concerns about the new libclamav API introduced in
0.95 (rc1). I understand the reason to remove cl_limits structure, but I
think that the way it was done is, hmm, suboptimal.
cl_engine_set() and cl_engine_get() accessors have void* for the
argument, which may point to different types of variables: uint32, uint64
or char. The type of expected argument is dependent on the value of
cl_engine_field, and there is no type check of any kind, i.e. nothing
that prevents passing of e.g. a char pointer where an int32 pointer was
expected. If, by chance, the types of arguments change in a future
release, the user program will recompile cleanly, and the change won't
be noticed. It's actually worse than it was when cl_limits was exposed:
when you assigned a value to a field of cl_limits structure, at least
basic type checking (and/or automatic conversion) was performed.
To mitigate this problem (if you *really* want to get rid of cl_limits
structure exposed to the user), you might introduce separate pairs of
accessor functions for different types of arguments, e.g.:
This way, there will be no chance to pass the argument of wrong type.
And here we are coming to my second concern. By requiring the user
to use bit-size-specific types (uint32_t, uint64_t), you force them to
deploy all the dark magic of having these types defined portably on