Bodo Moeller wrote:
>
> On Sat, May 15, 1999 at 10:25:30PM +0100, Ben Laurie wrote:
>
> >> typedef unsigned char des_cblock[8];
> >> typedef const unsigned char const_des_cblock[8];
> >> int des_set_key(const_des_cblock *key,des_key_schedule schedule);
> >>
> >> unsigned char key[7] = {...};
> >> unsigned char deskey[8] = {...};
> >> des_key_schedule ks;
> >>
> >> des_set_key(&key, ks); /* gets a warning */
> >> des_set_key(&deskey, ks); /* no warning */
>
> > I really don't like this. I can't quite figure out why, but it seems
> > messy. What happens if you use the two definitions for des_cblock and
> > const_des_cblock, but don't introduce the *s?
> >
> > Actually, I can figure out why. &key doesn't mean anything sensible: you
> > can't have a pointer to key, [...]
>
> Of course you can. key is an array, but except when used with sizeof
> or &, an array is automagically turned into a pointer to the first
> element of that array; this is usually O.K, but when you write
>
> deskey key;
>
> some_function(key);
>
> it is not obvious from the program text that a pointer is passed and
> not the value of key (which might be something else than an array,
> after all).
>
> (Another magic C rule turns array types in function prototypes into
> the corresponding element-pointer types, so that
>
> void some_function(deskey key);
>
> is just the same as
>
> void some_function(char *key);
>
> but it's _not_ the same as
>
> void some_function(deskey *key);.)
>
> &key is a pointer to an array of a specific size, which means that the
> compiler can detect more problems. For the encryption functions, most
> of the arguments tend to be pointers (usually to char), so there's not
> much the compiler can detect otherwise.
>
> > because it is already as pointery as it can be.
>
> When you define
>
> deskey key;
>
> (except in a function argument list), then key is not a pointer,
> obviously; it's just that in most circumstances C rules convert it
> into a pointer to the first array element. Function calls
> some_function(key) and some_other_function(&key) are the same only if
> you look at them at assember level; but as far as C types are
> concerned, they are quite different:
>
> void some_function(deskey key);
> void some_other_function(deskey *key);
>
> void yet_another_function(void)
> {
> deskey key = "12345678";
> some_function(key);
> some_other_function(&key);
> }
>
> void some_function(deskey key)
> {
> /* sizeof *key is 1, key[1] is '2' */
> }
>
> void some_other_function(deskey *key)
> {
> /* sizeof *key is 8, (*key)[1] is '2' */
> }
OK, you've convinced me. I don't think it is very transparent, but it
certainly does help the compiler.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
