make ffi-string-parameter const

typically, nearly all string-parameters in the ffi should be const. one of the few exceptions is dc_str_unref() that really modifies the given data.
2026-04-06 15:42:10 +03:00 · 2019-09-28 01:48:50 +02:00
5 changed files with 54 additions and 59 deletions
--- a/deltachat-ffi/deltachat.h
+++ b/deltachat-ffi/deltachat.h
@@ -3485,7 +3485,7 @@ int             dc_contact_is_verified       (dc_contact_t* contact);
 *     accessor functions.  If no provider info is found, NULL will be
 *     returned.
 */
-dc_provider_t*  dc_provider_new_from_domain           (char* domain);
+dc_provider_t*  dc_provider_new_from_domain           (const char* domain);


 /**
@@ -3499,7 +3499,7 @@ dc_provider_t*  dc_provider_new_from_domain           (char* domain);
 *     accessor functions.  If no provider info is found, NULL will be
 *     returned.
 */
-dc_provider_t*  dc_provider_new_from_email            (char* email);
+dc_provider_t*  dc_provider_new_from_email            (const char* email);


 /**
--- a/deltachat-ffi/src/lib.rs
+++ b/deltachat-ffi/src/lib.rs
@@ -225,8 +225,8 @@ pub unsafe extern "C" fn dc_get_userdata(context: *mut dc_context_t) -> *mut lib
 #[no_mangle]
 pub unsafe extern "C" fn dc_open(
    context: *mut dc_context_t,
-    dbfile: *mut libc::c_char,
-    blobdir: *mut libc::c_char,
+    dbfile: *const libc::c_char,
+    blobdir: *const libc::c_char,
 ) -> libc::c_int {
    if context.is_null() || dbfile.is_null() {
        eprintln!("ignoring careless call to dc_open()");
@@ -298,8 +298,8 @@ pub unsafe extern "C" fn dc_get_blobdir(context: *mut dc_context_t) -> *mut libc
 #[no_mangle]
 pub unsafe extern "C" fn dc_set_config(
    context: *mut dc_context_t,
-    key: *mut libc::c_char,
-    value: *mut libc::c_char,
+    key: *const libc::c_char,
+    value: *const libc::c_char,
 ) -> libc::c_int {
    if context.is_null() || key.is_null() {
        eprintln!("ignoring careless call to dc_set_config()");
@@ -322,7 +322,7 @@ pub unsafe extern "C" fn dc_set_config(
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_config(
    context: *mut dc_context_t,
-    key: *mut libc::c_char,
+    key: *const libc::c_char,
 ) -> *mut libc::c_char {
    if context.is_null() || key.is_null() {
        eprintln!("ignoring careless call to dc_get_config()");
@@ -369,8 +369,8 @@ fn render_info(
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_oauth2_url(
    context: *mut dc_context_t,
-    addr: *mut libc::c_char,
-    redirect: *mut libc::c_char,
+    addr: *const libc::c_char,
+    redirect: *const libc::c_char,
 ) -> *mut libc::c_char {
    if context.is_null() {
        eprintln!("ignoring careless call to dc_get_oauth2_url()");
@@ -612,7 +612,7 @@ pub unsafe extern "C" fn dc_maybe_network(context: *mut dc_context_t) {
 pub unsafe extern "C" fn dc_get_chatlist(
    context: *mut dc_context_t,
    flags: libc::c_int,
-    query_str: *mut libc::c_char,
+    query_str: *const libc::c_char,
    query_id: u32,
 ) -> *mut dc_chatlist_t {
    if context.is_null() {
@@ -733,7 +733,7 @@ pub unsafe extern "C" fn dc_send_msg(
 pub unsafe extern "C" fn dc_send_text_msg(
    context: *mut dc_context_t,
    chat_id: u32,
-    text_to_send: *mut libc::c_char,
+    text_to_send: *const libc::c_char,
 ) -> u32 {
    if context.is_null() || text_to_send.is_null() {
        eprintln!("ignoring careless call to dc_send_text_msg()");
@@ -1017,7 +1017,7 @@ pub unsafe extern "C" fn dc_get_chat_contacts(
 pub unsafe extern "C" fn dc_search_msgs(
    context: *mut dc_context_t,
    chat_id: u32,
-    query: *mut libc::c_char,
+    query: *const libc::c_char,
 ) -> *mut dc_array::dc_array_t {
    if context.is_null() || query.is_null() {
        eprintln!("ignoring careless call to dc_search_msgs()");
@@ -1054,7 +1054,7 @@ pub unsafe extern "C" fn dc_get_chat(context: *mut dc_context_t, chat_id: u32) -
 pub unsafe extern "C" fn dc_create_group_chat(
    context: *mut dc_context_t,
    verified: libc::c_int,
-    name: *mut libc::c_char,
+    name: *const libc::c_char,
 ) -> u32 {
    if context.is_null() || name.is_null() {
        eprintln!("ignoring careless call to dc_create_group_chat()");
@@ -1131,7 +1131,7 @@ pub unsafe extern "C" fn dc_remove_contact_from_chat(
 pub unsafe extern "C" fn dc_set_chat_name(
    context: *mut dc_context_t,
    chat_id: u32,
-    name: *mut libc::c_char,
+    name: *const libc::c_char,
 ) -> libc::c_int {
    if context.is_null() || chat_id <= constants::DC_CHAT_ID_LAST_SPECIAL as u32 || name.is_null() {
        eprintln!("ignoring careless call to dc_set_chat_name()");
@@ -1151,7 +1151,7 @@ pub unsafe extern "C" fn dc_set_chat_name(
 pub unsafe extern "C" fn dc_set_chat_profile_image(
    context: *mut dc_context_t,
    chat_id: u32,
-    image: *mut libc::c_char,
+    image: *const libc::c_char,
 ) -> libc::c_int {
    if context.is_null() || chat_id <= constants::DC_CHAT_ID_LAST_SPECIAL as u32 {
        eprintln!("ignoring careless call to dc_set_chat_profile_image()");
@@ -1322,7 +1322,7 @@ pub unsafe extern "C" fn dc_get_msg(context: *mut dc_context_t, msg_id: u32) ->
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_may_be_valid_addr(addr: *mut libc::c_char) -> libc::c_int {
+pub unsafe extern "C" fn dc_may_be_valid_addr(addr: *const libc::c_char) -> libc::c_int {
    if addr.is_null() {
        eprintln!("ignoring careless call to dc_may_be_valid_addr()");
        return 0;
@@ -1334,7 +1334,7 @@ pub unsafe extern "C" fn dc_may_be_valid_addr(addr: *mut libc::c_char) -> libc::
 #[no_mangle]
 pub unsafe extern "C" fn dc_lookup_contact_id_by_addr(
    context: *mut dc_context_t,
-    addr: *mut libc::c_char,
+    addr: *const libc::c_char,
 ) -> u32 {
    if context.is_null() || addr.is_null() {
        eprintln!("ignoring careless call to dc_lookup_contact_id_by_addr()");
@@ -1349,8 +1349,8 @@ pub unsafe extern "C" fn dc_lookup_contact_id_by_addr(
 #[no_mangle]
 pub unsafe extern "C" fn dc_create_contact(
    context: *mut dc_context_t,
-    name: *mut libc::c_char,
-    addr: *mut libc::c_char,
+    name: *const libc::c_char,
+    addr: *const libc::c_char,
 ) -> u32 {
    if context.is_null() || addr.is_null() {
        eprintln!("ignoring careless call to dc_create_contact()");
@@ -1369,7 +1369,7 @@ pub unsafe extern "C" fn dc_create_contact(
 #[no_mangle]
 pub unsafe extern "C" fn dc_add_address_book(
    context: *mut dc_context_t,
-    addr_book: *mut libc::c_char,
+    addr_book: *const libc::c_char,
 ) -> libc::c_int {
    if context.is_null() || addr_book.is_null() {
        eprintln!("ignoring careless call to dc_add_address_book()");
@@ -1390,7 +1390,7 @@ pub unsafe extern "C" fn dc_add_address_book(
 pub unsafe extern "C" fn dc_get_contacts(
    context: *mut dc_context_t,
    flags: u32,
-    query: *mut libc::c_char,
+    query: *const libc::c_char,
 ) -> *mut dc_array::dc_array_t {
    if context.is_null() {
        eprintln!("ignoring careless call to dc_get_contacts()");
@@ -1521,8 +1521,8 @@ pub unsafe extern "C" fn dc_get_contact(
 pub unsafe extern "C" fn dc_imex(
    context: *mut dc_context_t,
    what: libc::c_int,
-    param1: *mut libc::c_char,
-    _param2: *mut libc::c_char,
+    param1: *const libc::c_char,
+    _param2: *const libc::c_char,
 ) {
    if context.is_null() {
        eprintln!("ignoring careless call to dc_imex()");
@@ -1537,7 +1537,7 @@ pub unsafe extern "C" fn dc_imex(
 #[no_mangle]
 pub unsafe extern "C" fn dc_imex_has_backup(
    context: *mut dc_context_t,
-    dir: *mut libc::c_char,
+    dir: *const libc::c_char,
 ) -> *mut libc::c_char {
    if context.is_null() || dir.is_null() {
        eprintln!("ignoring careless call to dc_imex_has_backup()");
@@ -1577,7 +1577,7 @@ pub unsafe extern "C" fn dc_initiate_key_transfer(context: *mut dc_context_t) ->
 pub unsafe extern "C" fn dc_continue_key_transfer(
    context: *mut dc_context_t,
    msg_id: u32,
-    setup_code: *mut libc::c_char,
+    setup_code: *const libc::c_char,
 ) -> libc::c_int {
    if context.is_null()
        || msg_id <= constants::DC_MSG_ID_LAST_SPECIAL as u32
@@ -1615,7 +1615,7 @@ pub unsafe extern "C" fn dc_stop_ongoing_process(context: *mut dc_context_t) {
 #[no_mangle]
 pub unsafe extern "C" fn dc_check_qr(
    context: *mut dc_context_t,
-    qr: *mut libc::c_char,
+    qr: *const libc::c_char,
 ) -> *mut dc_lot_t {
    if context.is_null() || qr.is_null() {
        eprintln!("ignoring careless call to dc_check_qr()");
@@ -1652,7 +1652,7 @@ pub unsafe extern "C" fn dc_get_securejoin_qr(
 #[no_mangle]
 pub unsafe extern "C" fn dc_join_securejoin(
    context: *mut dc_context_t,
-    qr: *mut libc::c_char,
+    qr: *const libc::c_char,
 ) -> u32 {
    if context.is_null() || qr.is_null() {
        eprintln!("ignoring careless call to dc_join_securejoin()");
@@ -2569,7 +2569,7 @@ pub unsafe extern "C" fn dc_msg_get_setupcodebegin(msg: *mut dc_msg_t) -> *mut l
 }

 #[no_mangle]
-pub unsafe extern "C" fn dc_msg_set_text(msg: *mut dc_msg_t, text: *mut libc::c_char) {
+pub unsafe extern "C" fn dc_msg_set_text(msg: *mut dc_msg_t, text: *const libc::c_char) {
    if msg.is_null() {
        eprintln!("ignoring careless call to dc_msg_set_text()");
        return;
@@ -2582,8 +2582,8 @@ pub unsafe extern "C" fn dc_msg_set_text(msg: *mut dc_msg_t, text: *mut libc::c_
 #[no_mangle]
 pub unsafe extern "C" fn dc_msg_set_file(
    msg: *mut dc_msg_t,
-    file: *mut libc::c_char,
-    filemime: *mut libc::c_char,
+    file: *const libc::c_char,
+    filemime: *const libc::c_char,
 ) {
    if msg.is_null() || file.is_null() {
        eprintln!("ignoring careless call to dc_msg_set_file()");
--- a/src/e2ee.rs
+++ b/src/e2ee.rs
@@ -336,16 +336,16 @@ impl E2eeHelper {
                    if let Some(ref mut peerstate) = peerstate {
                        if let Some(ref header) = autocryptheader {
                            peerstate.apply_header(&header, message_time);
-                            peerstate.save_to_db(&context.sql, false)?;
+                            peerstate.save_to_db(&context.sql, false).unwrap();
                        } else if message_time > peerstate.last_seen_autocrypt
                            && !contains_report(in_out_message)
                        {
                            peerstate.degrade_encryption(message_time);
-                            peerstate.save_to_db(&context.sql, false)?;
+                            peerstate.save_to_db(&context.sql, false).unwrap();
                        }
                    } else if let Some(ref header) = autocryptheader {
                        let p = Peerstate::from_header(context, header, message_time);
-                        p.save_to_db(&context.sql, true)?;
+                        p.save_to_db(&context.sql, true).unwrap();
                        peerstate = Some(p);
                    }
                }
@@ -364,7 +364,7 @@ impl E2eeHelper {
                    }
                    if let Some(ref peerstate) = peerstate {
                        if peerstate.degrade_event.is_some() {
-                            handle_degrade_event(context, &peerstate)?;
+                            handle_degrade_event(context, &peerstate);
                        }
                        if let Some(ref key) = peerstate.gossip_key {
                            public_keyring_for_validate.add_ref(key);
@@ -395,7 +395,7 @@ impl E2eeHelper {
                            message_time,
                            imffields,
                            gossip_headers,
-                        )?;
+                        )
                    }
                }
            }
@@ -493,7 +493,7 @@ unsafe fn update_gossip_peerstates(
    message_time: i64,
    imffields: *mut mailimf_fields,
    gossip_headers: *const mailimf_fields,
-) -> Result<HashSet<String>> {
+) -> HashSet<String> {
    // XXX split the parsing from the modification part
    let mut recipients: Option<HashSet<String>> = None;
    let mut gossipped_addr: HashSet<String> = Default::default();
@@ -522,15 +522,15 @@ unsafe fn update_gossip_peerstates(
                            Peerstate::from_addr(context, &context.sql, &header.addr);
                        if let Some(ref mut peerstate) = peerstate {
                            peerstate.apply_gossip(header, message_time);
-                            peerstate.save_to_db(&context.sql, false)?;
+                            peerstate.save_to_db(&context.sql, false).unwrap();
                        } else {
                            let p = Peerstate::from_gossip(context, header, message_time);
-                            p.save_to_db(&context.sql, true)?;
+                            p.save_to_db(&context.sql, true).unwrap();
                            peerstate = Some(p);
                        }
                        if let Some(peerstate) = peerstate {
                            if peerstate.degrade_event.is_some() {
-                                handle_degrade_event(context, &peerstate)?;
+                                handle_degrade_event(context, &peerstate);
                            }
                        }

@@ -547,7 +547,7 @@ unsafe fn update_gossip_peerstates(
        }
    }

-    Ok(gossipped_addr)
+    gossipped_addr
 }

 fn decrypt_if_autocrypt_message(
--- a/src/securejoin.rs
+++ b/src/securejoin.rs
@@ -718,24 +718,21 @@ fn encrypted_and_signed(mimeparser: &MimeParser, expected_fingerprint: impl AsRe
    }
 }

-pub fn handle_degrade_event(context: &Context, peerstate: &Peerstate) -> Result<(), Error> {
+pub fn handle_degrade_event(context: &Context, peerstate: &Peerstate) {
    // - we do not issue an warning for DC_DE_ENCRYPTION_PAUSED as this is quite normal
    // - currently, we do not issue an extra warning for DC_DE_VERIFICATION_LOST - this always comes
    //   together with DC_DE_FINGERPRINT_CHANGED which is logged, the idea is not to bother
    //   with things they cannot fix, so the user is just kicked from the verified group
    //   (and he will know this and can fix this)
    if Some(DegradeEvent::FingerprintChanged) == peerstate.degrade_event {
-        let contact_id: i32 = match context.sql.query_get_value(
-            context,
-            "SELECT id FROM contacts WHERE addr=?;",
-            params![&peerstate.addr],
-        ) {
-            None => bail!(
-                "contact with peerstate.addr {:?} not found",
-                &peerstate.addr
-            ),
-            Some(contact_id) => contact_id,
-        };
+        let contact_id: i32 = context
+            .sql
+            .query_get_value(
+                context,
+                "SELECT id FROM contacts WHERE addr=?;",
+                params![&peerstate.addr],
+            )
+            .unwrap_or_default();
        if contact_id > 0 {
            let (contact_chat_id, _) =
                chat::create_or_lookup_by_contact_id(context, contact_id as u32, Blocked::Deaddrop)
@@ -751,5 +748,4 @@ pub fn handle_degrade_event(context: &Context, peerstate: &Peerstate) -> Result<
            emit_event!(context, Event::ChatModified(contact_chat_id));
        }
    }
-    Ok(())
 }
--- a/src/wrapmime.rs
+++ b/src/wrapmime.rs
@@ -36,6 +36,7 @@ pub fn get_ct_subtype(mime: *mut Mailmime) -> Option<String> {
        let ct: *mut mailmime_content = (*mime).mm_content_type;

        if !ct.is_null() && !(*ct).ct_subtype.is_null() {
+            println!("ct_subtype: {}", to_string((*ct).ct_subtype));
            Some(to_string((*ct).ct_subtype))
        } else {
            None
@@ -47,12 +48,10 @@ pub fn get_autocrypt_mime(
    mime_undetermined: *mut Mailmime,
 ) -> Result<(*mut Mailmime, *mut Mailmime), Error> {
    /* return Result with two mime pointers:
-
-    First mime pointer is to the multipart-mime message
-    (which is replaced with a decrypted version later)
-
-    Second one is to the encrypted payload.
-    For non-autocrypt message an Error is returned.
+       First mime pointer is to the multipart-mime message
+       (which is replaced with a decrypted version later)
+       Second one is to the encrypted payload.
+       For non-autocrypt message an Error is returned.
    */
    unsafe {
        ensure!(