boolean return values #715

issue gmaxwell opened this issue on February 11, 2020
  1. gmaxwell commented at 1:14 AM on February 11, 2020: contributor

    There should be explicit api tests that boolean return values are boolean, and a verify check for the callback functions being boolean... also it should probably consistently coerce callback behaviour to boolean using !! rather than risking that external code will allow libsecp256k1 code to violate its contracts (esp since !! is so cheap).

  2. real-or-random commented at 3:21 PM on February 14, 2020: contributor

    Would it make sense to use a typedef for int to document that a return value should 0 / 1? Unfortunately we cannot use bool in C90, so this would just be for easy readability but may confuse others.

  3. gmaxwell commented at 7:08 PM on February 14, 2020: contributor

    MISRA 2012 would like you to typedef essentially everything, though it does exempt int returns. I don't know how I feel about using custom types in an external interface except for the opaque types. (oh I see MISRA also makes that point)

    Dir 4.6 typedefs that indicate size and signedness should be used in place of the basic numerical types

    Category: Advisory

    The basic numerical types of char, short, int, long, long long (C99), float, double and long double should not be used, but specific-length typedefs should be used.

    ...

    If abstract types are defined in terms of a specific-length type then it is not necessary, and may even be undesirable, for those abstract types to specify the size or sign. For example, the following code defines an abstract type representing mass in kilograms but does not indicate its size or sign: typedef uint16_t mass_kg_t;

    It might be desirable not to apply this guideline when interfacing with The Standard Library or code outside the project’s control.

    Exception1. The basic numerical types may be used in a typedef to define a specific-length type .2. For function main, an int may be used rather than the typedefs as a return type. Therefore int main (void) is permitted. 3. For function main an int may be used rather than the typedefs for the input parameter argc. 4. For function main a char may be used rather than the typedefs for the input parameter argv.

  4. real-or-random commented at 9:53 PM on February 14, 2020: contributor

    Ah I think my suggestion was doing this for internal function only. When I said "may confuse others" I was referring to people reading the implementation. But that's probably not a big concern.

Contributors
gmaxwellreal-or-random
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-14 11:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me