You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was testing clsync so handler and found that clsync API is unstable due to its dependence on defines.
E.g. when compiling helper module I found that ctx_p->watchdir contains "nolabel" instead of watchdir. This happend due to 1 element shift due to #ifdef CAPABILITIES_SUPPORT:
so handler was compiled without -DCAPABILITIES_SUPPORT while clsync had it enabled.
This is a serious security issue as it may lead to memory corruption easily.
We must find a way to guarantee the same API usage for both clsync and so-handlers.
IMHO the simplest and safest way will be to remove all #ifdef conditionals from public headers at all (except for a stuff defined in these public headers). This will increase memory usage a bit, but we already have a lot of predefined arrays (instead of malloc'ed), so this is not an issue.
Alternative solution will be to provide clsync.pc file with required CPPFLAGS. But this is not enought and there should be some runtime way to check that clsync API matches so-handler API.
I'm voting for ifdef-free public API.
And please, bump CLSYNC_API_VERSION each time public api changes (or add some hook doing so).
The text was updated successfully, but these errors were encountered:
I was testing clsync so handler and found that clsync API is unstable due to its dependence on defines.
E.g. when compiling helper module I found that ctx_p->watchdir contains "nolabel" instead of watchdir. This happend due to 1 element shift due to #ifdef CAPABILITIES_SUPPORT:
so handler was compiled without -DCAPABILITIES_SUPPORT while clsync had it enabled.
This is a serious security issue as it may lead to memory corruption easily.
We must find a way to guarantee the same API usage for both clsync and so-handlers.
IMHO the simplest and safest way will be to remove all #ifdef conditionals from public headers at all (except for a stuff defined in these public headers). This will increase memory usage a bit, but we already have a lot of predefined arrays (instead of malloc'ed), so this is not an issue.
Alternative solution will be to provide clsync.pc file with required CPPFLAGS. But this is not enought and there should be some runtime way to check that clsync API matches so-handler API.
I'm voting for ifdef-free public API.
And please, bump CLSYNC_API_VERSION each time public api changes (or add some hook doing so).
The text was updated successfully, but these errors were encountered: