Wallet: Refactor ReserveKeyFromKeyPool for safety #9537

pull luke-jr wants to merge 1 commits into bitcoin:master from luke-jr:refactor_wallet_RKFKP changing 2 files +17 −12
  1. luke-jr commented at 9:20 PM on January 12, 2017: member

    ReserveKeyFromKeyPool's previous behaviour is to set nIndex to -1 if the keypool is empty, OR throw an exception for technical failures. Instead, we now return nIndex (always >= 0) and throw a keypool_empty exception if the keypool is empty.

    This is to ensure calling code must handle the empty case, and so the compiler can provide use-without-assignment warnings when appropriate.

  2. Wallet: Refactor ReserveKeyFromKeyPool for safety
    ReserveKeyFromKeyPool's previous behaviour is to set nIndex to -1 if the keypool is empty, OR throw an exception for technical failures.
Instead, we now return nIndex (always >= 0) and throw a keypool_empty exception if the keypool is empty.

This is to ensure calling code must handle the empty case, and so the compiler can provide use-without-assignment warnings when appropriate.
    ba98de0b12
  3. fanquake added the label Wallet on Jan 12, 2017
  4. kallewoof commented at 12:15 AM on March 1, 2017: member

    utACK

  5. laanwj commented at 8:11 AM on May 18, 2017: member

    Needs rebase

  6. in src/wallet/wallet.cpp:2967 in ba98de0b12 
    2963 | @@ -2963,13 +2964,13 @@ void CWallet::ReturnKey(int64_t nIndex)
2964 |  
2965 |  bool CWallet::GetKeyFromPool(CPubKey& result)
2966 |  {
2967 | -    int64_t nIndex = 0;
2968 | +    int64_t nIndex;
    ryanofsky commented at 5:49 PM on May 22, 2017:

    Would be nice if this were declared after the lock, closer to where it's used.

  7. ryanofsky commented at 5:50 PM on May 22, 2017: member

    utACK ba98de0b129bf510a52e3a65bece11ff492ec8d7. Reasonable change, needs rebase.

  8. TheBlueMatt commented at 9:44 PM on May 29, 2017: member

    Gaa, can we not add more C++ exceptions? They are generally very strongly discouraged across the board by sandard C++ guidelines, for various reasons. As an alternative which accomplishes most of the same goal, maybe still make ReserveKeyFromKeyPool return the nIndex and add the stanard "not using returned values" checks that most compilers support?

  9. jonasschnelli commented at 8:10 PM on August 15, 2017: contributor

    Needs rebase and maybe discussion about @TheBlueMatt's points about the C++ exceptions (or close).

  10. ryanofsky commented at 5:33 PM on October 12, 2017: member

    Needs rebase. This seems like a reasonable use of exceptions, so I'd stand by my previous ACK, but no strong opinion one way or the other.

  11. sipa commented at 6:36 PM on March 6, 2018: member

    Concept ACK in the sense that using -1 as exceptional value may be improvable. I'm not a fan of using exceptions though; what about boost::optional?

  12. MarcoFalke added the label Up for grabs on Mar 18, 2018
  13. Empact commented at 1:00 AM on May 17, 2018: member

    I'll take this.

  14. Empact referenced this in commit 173a0d67b2 on May 17, 2018
  15. fanquake commented at 2:09 AM on May 17, 2018: member

    Taken over in #13252

  16. fanquake closed this on May 17, 2018
  17. fanquake removed the label Up for grabs on May 17, 2018
  18. DrahtBot locked this on Sep 8, 2021
Contributors
luke-jrkallewooflaanwjryanofskyTheBlueMattjonasschnellisipaEmpactfanquake
Labels
Wallet
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-14 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me