On 2011-02-22, at 21:55 , Antoine Pitrou wrote: > On Tue, 22 Feb 2011 21:48:51 +0100 > Stefan Behnel <stefan...@behnel.de> wrote: >> Reid Kleckner, 22.02.2011 21:21: >>> On Tue, Feb 22, 2011 at 2:09 PM, Eric Smith wrote: >>>> Also changing it now would be a giant hassle, leading to so-called "const >>>> poisoning" where many, many APIs need to be changed before everything would >>>> again work. >>> >>> The poisoning will not break any users of the API, though, since they >>> can pass const and non-const pointers. Internally Python would have >>> to go through and add const keywords as appropriate when passing >>> strings around. IMO it's worth it to not cause this warning for >>> users. >> The problem is that Python's C-API functions are used both internally and >> externally, so changes like this can easily impact other public API >> functions because the function being changed uses them. > How so?
If the parameters are passed from the newly const'ed function to an other public-API function, that one will have to be const'ed as well (or the const will have to be cast away which generally isn't considered good style and may lead to UBs), which may cascade into yet an other public-API function, the end result being that numerous functions would have to be const'ed: > Adding const qualification may propagate through a program; as you > add const qualifiers, still more become necessary. This phenomenon is > sometimes called "const-poisoning." Const-poisoning can frequently > lead to violations of recommendation EXP05-C. Do not cast away a const > qualification. While const qualification is a good idea, the costs may > outweigh the value in the remediation of existing code. https://www.securecoding.cert.org/confluence/display/seccode/STR05-C.+Use+pointers+to+const+when+referring+to+string+literals _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
