-
Chris Webb authored
The array types duplex_t, x25519_t, secret_t and share_t are convenient and ergonomic as they can be passed by reference without noisy syntax. However, using sizeof() on an array-typed parameter is a potential trap as it gives the pointer size, not the array size. This mistake is so common that both clang and gcc detect and warn about it by default. Define duplex_size, x25519_size, secret_size and share_size to make these errors less tempting, and set a good example by using them throughout the tests and examples. As in x25519.c, given that C99 and C11 have decided that const ints aren't integer constants, use anonymous enums to create 'sufficiently constant' identifiers for non-variable-length array declarations without resorting to preprocessor macros.
e09cca2dChris Webb authoredThe array types duplex_t, x25519_t, secret_t and share_t are convenient and ergonomic as they can be passed by reference without noisy syntax. However, using sizeof() on an array-typed parameter is a potential trap as it gives the pointer size, not the array size. This mistake is so common that both clang and gcc detect and warn about it by default. Define duplex_size, x25519_size, secret_size and share_size to make these errors less tempting, and set a good example by using them throughout the tests and examples. As in x25519.c, given that C99 and C11 have decided that const ints aren't integer constants, use anonymous enums to create 'sufficiently constant' identifiers for non-variable-length array declarations without resorting to preprocessor macros.
Loading