Re: [opensc-devel] Small constants fixup

Sun, 24 Apr 2011 04:18:00 -0700 

Le 23/04/2011 23:59, NdK a écrit :
> Hello all.
>
> Just noticed that there's a constant defined for maximum number of ACLs,
> but the raw value is used in the code. This should fix it at least in
> pkcs15-lib.c :
>
> $ diff -u pkcs15-lib.c.ori pkcs15-lib.c
> --- pkcs15-lib.c.ori    2010-12-22 18:14:39.000000000 +0100
> +++ pkcs15-lib.c        2011-04-23 23:49:36.000000000 +0200
> @@ -3296,14 +3296,14 @@
>
>           SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_NORMAL);
>           for (op = 0; r == 0&&  op<  SC_MAX_AC_OPS; op++) {
> -               struct sc_acl_entry acls[16];
> +               struct sc_acl_entry acls[SC_PKCS15INIT_MAX_OPTIONS];

The using of SC_PKCS15INIT_MAX_OPTIONS is not appropriate in this context.
SC_PKCS15INIT_MAX_OPTIONS is the number of profile options that can be defined 
as an argument for the pkcs15init operations .

If you want to 'marconize' the raw value, you should introduce a new macro,
something like SC_MAX_OP_ACS -- maximal number of access conditions that can be 
defined for one card operation.
It's different from SC_MAX_AC_OPS -- maximal number of distinct card operations 
that can be protected by some access condition.


>                   const struct sc_acl_entry *acl;
>                   const char      *what;
>                   int             added = 0, num, ii;
>
>                   /* First, get original ACLs */
>                   acl = sc_file_get_acl_entry(file, op);
> -               for (num = 0; num<  16&&  acl; num++, acl = acl->next)
> +               for (num = 0; num<  SC_PKCS15INIT_MAX_OPTIONS&&  acl;
> num++, acl = acl->next)
>                           acls[num] = *acl;
>
>                   sc_file_clear_acl_entries(file, op);
>
> Quite trivial, but should reduce errors if/when that constant will be
> changed.
>
> '16' is used in other places, too... Maybe another #define could be
> useful (for example: is it mandatory or arbitrary that a PIN name cannot
> exceed 16 chars? ).
>
> BYtE,
>    Diego.

Kind wishes,
Viktor.

> _______________________________________________
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>


-- 
Viktor Tarasov  <viktor.tara...@opentrust.com>

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to