c: specify static array size in function params

The C standard states:

  A declaration of a parameter as ``array of type'' shall be adjusted to ``qualified pointer to
  type'', where the type qualifiers (if any) are those specified within the [ and ] of the
  array type derivation. If the keyword static also appears within the [ and ] of the
  array type derivation, then for each call to the function, the value of the corresponding
  actual argument shall provide access to the first element of an array with at least as many
  elements as specified by the size expression.

By changing void func(int array[4]) to void func(int array[static 4]),
we automatically get the compiler checking argument sizes for us, which
is quite nice.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2016-07-27 11:30:05 +02:00
parent d6b3bc6948
commit 1b9a83c852
4 changed files with 10 additions and 10 deletions

View file

@ -90,7 +90,7 @@ static inline uint16_t parse_port(const char *value)
return port; return port;
} }
static inline bool parse_key(uint8_t key[WG_KEY_LEN], const char *value) static inline bool parse_key(uint8_t key[static WG_KEY_LEN], const char *value)
{ {
uint8_t tmp[WG_KEY_LEN + 1]; uint8_t tmp[WG_KEY_LEN + 1];
if (strlen(value) != b64_len(WG_KEY_LEN) - 1 || b64_pton(value, tmp, WG_KEY_LEN + 1) != WG_KEY_LEN) { if (strlen(value) != b64_len(WG_KEY_LEN) - 1 || b64_pton(value, tmp, WG_KEY_LEN + 1) != WG_KEY_LEN) {

View file

@ -337,7 +337,7 @@ static void fmonty(limb *x2, limb *z2, /* output 2Q */
* This function performs the swap without leaking any side-channel * This function performs the swap without leaking any side-channel
* information. * information.
*/ */
static void swap_conditional(limb a[5], limb b[5], limb iswap) static void swap_conditional(limb a[static 5], limb b[static 5], limb iswap)
{ {
unsigned i; unsigned i;
const limb swap = -iswap; const limb swap = -iswap;
@ -430,7 +430,7 @@ static void crecip(felem out, const felem z)
/* 2^255 - 21 */ fmul(out, t0, a); /* 2^255 - 21 */ fmul(out, t0, a);
} }
void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE], const uint8_t basepoint[CURVE25519_POINT_SIZE]) void curve25519(uint8_t mypublic[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE], const uint8_t basepoint[static CURVE25519_POINT_SIZE])
{ {
limb bp[5], x[5], z[5], zmone[5]; limb bp[5], x[5], z[5], zmone[5];
uint8_t e[32]; uint8_t e[32];
@ -1104,7 +1104,7 @@ static void fmonty(limb *x2, limb *z2, /* output 2Q */
* reduced-degree form: the values in a[10..19] or b[10..19] aren't swapped, * reduced-degree form: the values in a[10..19] or b[10..19] aren't swapped,
* and all all values in a[0..9],b[0..9] must have magnitude less than * and all all values in a[0..9],b[0..9] must have magnitude less than
* INT32_MAX. */ * INT32_MAX. */
static void swap_conditional(limb a[19], limb b[19], limb iswap) static void swap_conditional(limb a[static 19], limb b[static 19], limb iswap)
{ {
unsigned i; unsigned i;
const int32_t swap = (int32_t) -iswap; const int32_t swap = (int32_t) -iswap;
@ -1235,7 +1235,7 @@ static void crecip(limb *out, const limb *z)
/* 2^255 - 21 */ fmul(out,t1,z11); /* 2^255 - 21 */ fmul(out,t1,z11);
} }
void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CURVE25519_POINT_SIZE], const uint8_t basepoint[CURVE25519_POINT_SIZE]) void curve25519(uint8_t mypublic[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE], const uint8_t basepoint[static CURVE25519_POINT_SIZE])
{ {
limb bp[10], x[10], z[11], zmone[10]; limb bp[10], x[10], z[11], zmone[10];
uint8_t e[32]; uint8_t e[32];
@ -1251,7 +1251,7 @@ void curve25519(uint8_t mypublic[CURVE25519_POINT_SIZE], const uint8_t secret[CU
} }
#endif #endif
void curve25519_generate_public(uint8_t *pub, const uint8_t *secret) void curve25519_generate_public(uint8_t pub[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE])
{ {
static const uint8_t basepoint[CURVE25519_POINT_SIZE] = { 9 }; static const uint8_t basepoint[CURVE25519_POINT_SIZE] = { 9 };
curve25519(pub, secret, basepoint); curve25519(pub, secret, basepoint);

View file

@ -10,9 +10,9 @@ enum curve25519_lengths {
CURVE25519_POINT_SIZE = 32, CURVE25519_POINT_SIZE = 32,
}; };
void curve25519(uint8_t *mypublic, const uint8_t *secret, const uint8_t *basepoint); void curve25519(uint8_t mypublic[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE], const uint8_t basepoint[static CURVE25519_POINT_SIZE]);
void curve25519_generate_public(uint8_t *pub, const uint8_t *secret); void curve25519_generate_public(uint8_t pub[static CURVE25519_POINT_SIZE], const uint8_t secret[static CURVE25519_POINT_SIZE]);
static inline void curve25519_normalize_secret(uint8_t secret[CURVE25519_POINT_SIZE]) static inline void curve25519_normalize_secret(uint8_t secret[static CURVE25519_POINT_SIZE])
{ {
secret[0] &= 248; secret[0] &= 248;
secret[31] &= 127; secret[31] &= 127;

View file

@ -78,7 +78,7 @@ static void sort_peers(struct wgdevice *device)
static const uint8_t zero[WG_KEY_LEN] = { 0 }; static const uint8_t zero[WG_KEY_LEN] = { 0 };
static char *key(const unsigned char key[WG_KEY_LEN]) static char *key(const unsigned char key[static WG_KEY_LEN])
{ {
static char b64[b64_len(WG_KEY_LEN)]; static char b64[b64_len(WG_KEY_LEN)];
if (!memcmp(key, zero, WG_KEY_LEN)) if (!memcmp(key, zero, WG_KEY_LEN))