[FFmpeg-devel] [PATCH] avutil/sha512: add av_warn_unused_result to av_sha512_init

[Ganesh Ajjanagadde]

On Thu, Oct 15, 2015 at 7:59 PM, Ganesh Ajjanagadde
<gajjanagadde at gmail.com> wrote:
> On Thu, Oct 15, 2015 at 7:37 PM, Ganesh Ajjanagadde
> <gajjanagadde at gmail.com> wrote:
>> This will trigger some useful warnings in avutil/hash that need to be fixed.
>>
>> Signed-off-by: Ganesh Ajjanagadde <gajjanagadde at gmail.com>
>> ---
>>  libavutil/sha512.h | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/libavutil/sha512.h b/libavutil/sha512.h
>> index 7b08701..6aecf31 100644
>> --- a/libavutil/sha512.h
>> +++ b/libavutil/sha512.h
>> @@ -49,6 +49,7 @@ struct AVSHA512 *av_sha512_alloc(void);
>>   * @param bits    number of bits in digest (224, 256, 384 or 512 bits)
>>   * @return        zero if initialization succeeded, -1 otherwise
>>   */
>> +av_warn_unused_result
>>  int av_sha512_init(struct AVSHA512* context, int bits);
>>
>>  /**
>> --
>> 2.6.1
>>
>
> This is more controversial: on the one hand, users may want to check
> the return code if they are not init-ing with a constant bits value
> (e.g they obtain it dynamically), on the other hand the current usage
> (within FFmpeg) is perfectly fine.
>
> Until consensus emerges, I will not send more patches for these crypto stuff.

Thought about a little more: there is no easy solution. The cleanest
is simply to leave it the way it is - users are left to their own
devices to ensure that key length is valid. On the other hand, since
an invalid key length is essentially the only way these functions can
fail, I consider leaving it the way it is (without these patches)
acceptable.

Patch dropped.