On Fri, Nov 21, 2008 at 7:34 AM, DanKegel <[EMAIL PROTECTED]> wrote: > > ..., I noticed that nss does not > use const on interfaces everywhere one would > expect it. In particular, > CERT_DecodeCertFromPackage and CERT_DecodeTrustString > both take char * where they should probably take const char *. > > What's the procedure for fixing minor defects like that?
It's best to file a bug report at https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS. You need to get an account first: https://bugzilla.mozilla.org/createaccount.cgi I looked at both of these functions. It's trivial to make CERT_DecodeTrustString take a const char *. I have a patch: https://bugzilla.mozilla.org/show_bug.cgi?id=466194 CERT_DecodeCertFromPackage is more work. 1., it uses our SECItem structures to point to portions of the input buffer. Unfortunately SECItem's 'data' pointer is a "unsigned char*" pointer, and using 'const SECItem' won't help. 2. I found one code path where CERT_DecodeCertFromPackage stores a null character '\0' in the input buffer so it can pass a shorter string to some other function. And it doesn't restore that character afterwards. I think we should at least fix the function so that it restores the input buffer on return. Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
