[Python-Dev] Const-correctness in C-API Object Protocol
Guido van Rossum
guido at python.org
Tue Feb 22 22:22:51 CET 2011
On Tue, Feb 22, 2011 at 1:17 PM, Xavier Morel <python-dev at masklinn.net> wrote:
> On 2011-02-22, at 21:55 , Antoine Pitrou wrote:
>> On Tue, 22 Feb 2011 21:48:51 +0100
>> Stefan Behnel <stefan_ml at behnel.de> wrote:
>>> Reid Kleckner, 22.02.2011 21:21:
>>>> On Tue, Feb 22, 2011 at 2:09 PM, Eric Smith wrote:
>>>>> Also changing it now would be a giant hassle, leading to so-called "const
>>>>> poisoning" where many, many APIs need to be changed before everything would
>>>>> again work.
>>>>
>>>> The poisoning will not break any users of the API, though, since they
>>>> can pass const and non-const pointers. Internally Python would have
>>>> to go through and add const keywords as appropriate when passing
>>>> strings around. IMO it's worth it to not cause this warning for
>>>> users.
>>> The problem is that Python's C-API functions are used both internally and
>>> externally, so changes like this can easily impact other public API
>>> functions because the function being changed uses them.
>> How so?
>
> If the parameters are passed from the newly const'ed function to an
> other public-API function, that one will have to be const'ed as well
> (or the const will have to be cast away which generally isn't
> considered good style and may lead to UBs), which may cascade into yet
> an other public-API function, the end result being that numerous
> functions would have to be const'ed:
I tried this in my codebase. I found no need for further const
propagation in this particular case.
>> Adding const qualification may propagate through a program; as you
>> add const qualifiers, still more become necessary. This phenomenon is
>> sometimes called "const-poisoning." Const-poisoning can frequently
>> lead to violations of recommendation EXP05-C. Do not cast away a const
>> qualification. While const qualification is a good idea, the costs may
>> outweigh the value in the remediation of existing code.
>
> https://www.securecoding.cert.org/confluence/display/seccode/STR05-C.+Use+pointers+to+const+when+referring+to+string+literals
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> http://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: http://mail.python.org/mailman/options/python-dev/guido%40python.org
>
--
--Guido van Rossum (python.org/~guido)
More information about the Python-Dev
mailing list