fix extra warnings when building with -Wwrite-strings #5096
Conversation
elliefm
force-pushed
the
v311/wwrite-strings
branch
2 times, most recently
from
cdf4429
to
45d5e82
Compare
|
Why not changing: --- a/imap/http_dav.h
+++ b/imap/http_dav.h
@@ -324,7 +324,7 @@ struct prop_entry {
int (*put)(xmlNodePtr prop, /* Callback to write property */
unsigned set, struct proppatch_ctx *pctx,
struct propstat *propstat, void *rock);
- void *rock; /* Add'l data to pass to callback */
+ const void *rock; /* Add'l data to pass to callback */
};
/* Bitmask of property flags */and not modifying http_caldav.c? |
* imparse_astring() retval is char *, don't use "" * imparse_range() doesn't need to modify its input
bunch of things ask for "char *" but expect to be called with named string literals
elliefm
force-pushed
the
v311/wwrite-strings
branch
from
73defc1
to
cfa59ca
Compare
elliefm
force-pushed
the
v311/wwrite-strings
branch
from
acf1e1a
to
8e5dc35
Compare
Because it's not always const for all callbacks that use it. e.g. for "supported-method-set", this field is a pointer to another callback function. |
I see that the PR does explicitly cast away the const from some string literals. But doesn't this indicate that either the API expecting a non-const is broken, or passing the string literal is wrong/dangerous? |
Yep. In the cases where I just shut it up with a cast, it was because it didn't seem worth the effort (right now) to fix the API or implementation in question. We can be reasonably assured that these specific cases are safe, since we aren't seeing the kind of crashes that would occur if they weren't. A lot of this this stuff isn't well tested, so even though I could potentially do some refactoring to handle the strings more sanely, it would be hard to prove that my refactoring hadn't introduced other bugs. Shutting up the warnings in these cases will let us collectively enable But I do think it would be good to fix those APIs and implementations properly! Ideally, we'd never ever need to cast away const from a string literal. But on balance, I think getting to the point where we can always use |
|
When I asked here why the interfaces are not changed to require |
I explains the casts you each asked about; they were different casts, and had different explanations. |
This PR fixes all the new warnings that appear when compiling with the
-Wwrite-stringsC dialect option (in which string literals have typeconst char[]rather thanchar[] that will crash if you modify it). This option is nice because it means the compiler's usual discarded-qualifiers warnings will now also protect us from doing dodgy stuff with string literals (unless we silence the warning with an explicit cast).It also adds this option to CFLAGS in tools/build-with-cyruslibs.sh, which means once this is merged, all our Github CI runs will be built with this option, and will yell at us if we do dodgy stuff without at least a cast to shut it up.
There were lots of very similar fixes, which I've grouped up approximately one commit per type of fix. I suggest reviewing it commit by commit. You might also want to add -Wwrite-strings to your own local build options after this lands.