Mailing List Archive: ClamAV: devel

New 0.95 API concerns

Index | Next | Previous | View Threaded

crosser at average

Mar 2, 2009, 1:39 AM

Post #1 of 6 (970 views)
Permalink

New 0.95 API concerns

Gentlemen,

I have a couple of concerns about the new libclamav API introduced in
0.95 (rc1). I understand the reason to remove cl_limits structure, but I
think that the way it was done is, hmm, suboptimal.

cl_engine_set() and cl_engine_get() accessors have void* for the
argument, which may point to different type of variables: uint32, uint64
or char. The type of expected argument is dependent on the value of
cl_engine_field, and there is no type check of any kind, i.e. nothing
that prevents passing of e.g. a char pointer where in32 pointer was
expected. If, by chance, the types of arguments change in a future
release, the user program will recompile cleanly, and the change won't
be noticed. It's actually worse than it was when cl_limits was exposed:
when you assigned a value to a field of cl_limits structure, at least
basic type checking (and/or automatic conversion) was performed.

To mitigate this problem (if you *really* want to get rid of cl_limits
structure exposed to the user), you might introduce separate pairs of
accessor functions for different types of arguments, e.g.:

cl_engine_{get|set}_size(...,uint64_t *val)
cl_engine_{get|set}_int(...,uint32_t *val)
cl_engine_{get|set}_str(...,char *val)

This way, there will be no chance to pass the argument of wrong type.

And here we are coming to my second concern. By requiring the the user
to use bit-size-specific types (uint32_t, uint64_t), you force them to
deploy all the dark magic of having these types defined portably on
different systems, and to essentially duplicate the logic implemented in
cltypes.h. I believe that there is no good reason for that. While there
may be necessary to have bit-size-specific types *inside* clamav, having
them leaking through the API is not justified, in my opinion. I think
that it would be "cleaner" to use more common types in the API, like this:

cl_engine_{get|set}_size(...,off_t *val)
cl_engine_{get|set}_int(...,int *val)
cl_engine_{get|set}_str(...,char *val)

And a final note: I think it's worth mentioning in the documentation
what is the relation between "options" passed to cl_init() and "options"
passed to scanning functions. If they are different, maybe it's better
to name them differently, like "init_options" and "scan_options".

Thanks for consideration,

Regards,

Eugene

Attachments:

signature.asc (0.25 KB)

tkojm at clamav

Mar 12, 2009, 8:34 AM

Post #2 of 6 (896 views)
Permalink

Re: New 0.95 API concerns [In reply to]

On Mon, 02 Mar 2009 12:39:47 +0300
Eugene Crosser <crosser[at]average.org> wrote:

> To mitigate this problem (if you *really* want to get rid of cl_limits
> structure exposed to the user), you might introduce separate pairs of
> accessor functions for different types of arguments, e.g.:
>
> cl_engine_{get|set}_size(...,uint64_t *val)
> cl_engine_{get|set}_int(...,uint32_t *val)
> cl_engine_{get|set}_str(...,char *val)
>
> This way, there will be no chance to pass the argument of wrong type.

Hi Eugene,

Thanks for your email and suggestions. While the original functions
were very generic, they could indeed lead to some confusion.
Therefore I replaced them with the following set:

extern int cl_engine_set_num(struct cl_engine *engine,
enum cl_engine_field field, long long num);

extern long long cl_engine_get_num(const struct cl_engine *engine,
enum cl_engine_field field, int *err);

extern int cl_engine_set_str(struct cl_engine *engine,
enum cl_engine_field field, const char *str);

extern const char *cl_engine_get_str(const struct cl_engine *engine,
enum cl_engine_field field, int *err);

These functions eliminate some possible programming errors and
limitations of the old ones, eg. cl_engine_get_str doesn't require
a buffer anymore; it's also much easier to set values with
cl_engine_set_num.

> And here we are coming to my second concern. By requiring the the user
> to use bit-size-specific types (uint32_t, uint64_t), you force them to
> deploy all the dark magic of having these types defined portably on
> different systems, and to essentially duplicate the logic implemented in
> cltypes.h. I believe that there is no good reason for that. While there
> may be necessary to have bit-size-specific types *inside* clamav, having
> them leaking through the API is not justified, in my opinion. I think
> that it would be "cleaner" to use more common types in the API, like this:

The new functions use 'char *' and 'long long' for handling the values
so this issue should be solved as well.

> And a final note: I think it's worth mentioning in the documentation
> what is the relation between "options" passed to cl_init() and "options"
> passed to scanning functions. If they are different, maybe it's better
> to name them differently, like "init_options" and "scan_options".

I renamed them, too.

Thanks,

--
oo ..... Tomasz Kojm <tkojm[at]clamav.net>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Thu Mar 12 16:33:36 CET 2009
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

rbgarga at gmail

Mar 12, 2009, 8:47 AM

Post #3 of 6 (896 views)
Permalink

Re: New 0.95 API concerns [In reply to]

On Thu, Mar 12, 2009 at 12:34 PM, Tomasz Kojm <tkojm[at]clamav.net> wrote:
> On Mon, 02 Mar 2009 12:39:47 +0300
> Eugene Crosser <crosser[at]average.org> wrote:
>
>> To mitigate this problem (if you *really* want to get rid of cl_limits
>> structure exposed to the user), you might introduce separate pairs of
>> accessor functions for different types of arguments, e.g.:
>>
>> cl_engine_{get|set}_size(...,uint64_t *val)
>> cl_engine_{get|set}_int(...,uint32_t *val)
>> cl_engine_{get|set}_str(...,char *val)
>>
>> This way, there will be no chance to pass the argument of wrong type.
>
> Hi Eugene,
>
> Thanks for your email and suggestions. While the original functions
> were very generic, they could indeed lead to some confusion.
> Therefore I replaced them with the following set:
>
> extern int cl_engine_set_num(struct cl_engine *engine,
> �enum cl_engine_field field, long long num);
>
> extern long long cl_engine_get_num(const struct cl_engine *engine,
> �enum cl_engine_field field, int *err);
>
> extern int cl_engine_set_str(struct cl_engine *engine,
> �enum cl_engine_field field, const char *str);
>
> extern const char *cl_engine_get_str(const struct cl_engine *engine,
> �enum cl_engine_field field, int *err);
>
> These functions eliminate some possible programming errors and
> limitations of the old ones, eg. cl_engine_get_str doesn't require
> a buffer anymore; it's also much easier to set values with
> cl_engine_set_num.
>
>> And here we are coming to my second concern. By requiring the the user
>> to use bit-size-specific types (uint32_t, uint64_t), you force them to
>> deploy all the dark magic of having these types defined portably on
>> different systems, and to essentially duplicate the logic implemented in
>> cltypes.h. I believe that there is no good reason for that. While there
>> may be necessary to have bit-size-specific types *inside* clamav, having
>> them leaking through the API is not justified, in my opinion. I think
>> that it would be "cleaner" to use more common types in the API, like this:
>
> The new functions use 'char *' and 'long long' for handling the values
> so this issue should be solved as well.
>
>> And a final note: I think it's worth mentioning in the documentation
>> what is the relation between "options" passed to cl_init() and "options"
>> passed to scanning functions. If they are different, maybe it's better
>> to name them differently, like "init_options" and "scan_options".
>
> I renamed them, too.

Hello Tomasz,

Since API was chenged one more time, a new RC will be released to
0.95? I'm just asking it because I maintain clamav at FreeBSD ports
and I tested all dependant ports with clam 0.95-RC1 and notified
maintainers of all ports that doesn't build with new API to fix it. I'm just
wondering if with these new changes those ports can or not break
again.

Thanks
--
Renato Botelho
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

crosser at average

Mar 12, 2009, 10:01 AM

Post #4 of 6 (895 views)
Permalink

Re: New 0.95 API concerns [In reply to]

Tomasz,

thank you for your attention to my concerns. Now I can go ahead and
adjust zmscanner's clamav plugin to use the new API ... with confidence! :-)

Eugene

Attachments:

signature.asc (0.25 KB)

tkojm at clamav

Mar 12, 2009, 11:22 AM

Post #5 of 6 (896 views)
Permalink

Re: New 0.95 API concerns [In reply to]

On Thu, 12 Mar 2009 20:01:59 +0300
Eugene Crosser <crosser[at]average.org> wrote:

> Tomasz,
>
> thank you for your attention to my concerns. Now I can go ahead and
> adjust zmscanner's clamav plugin to use the new API ... with confidence! :-)

You're welcome!

--
oo ..... Tomasz Kojm <tkojm[at]clamav.net>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Thu Mar 12 19:22:12 CET 2009
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

tkojm at clamav

Mar 12, 2009, 11:27 AM

Post #6 of 6 (897 views)
Permalink

Re: New 0.95 API concerns [In reply to]

On Thu, 12 Mar 2009 12:47:28 -0300
Renato Botelho <rbgarga[at]gmail.com> wrote:

> Since API was chenged one more time, a new RC will be released to
> 0.95? I'm just asking it because I maintain clamav at FreeBSD ports
> and I tested all dependant ports with clam 0.95-RC1 and notified
> maintainers of all ports that doesn't build with new API to fix it. I'm just
> wondering if with these new changes those ports can or not break
> again.

Hi Renato,

due to some changes and Safe Browsing support, we will be publishing
a new release candidate on March 16, however I believe these particular
changes to the API shouldn't have much impact on the 3rd party
applications at this point.

Thanks,

--
oo ..... Tomasz Kojm <tkojm[at]clamav.net>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Thu Mar 12 19:26:41 CET 2009
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com