Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Be more consistent about construction/destruction of ChipCertificateData #4689

Merged
merged 1 commit into from
Feb 5, 2021
Merged

Be more consistent about construction/destruction of ChipCertificateData #4689

merged 1 commit into from
Feb 5, 2021

Conversation

bzbarsky-apple
Copy link
Contributor

We are mixing placement new with Clear() calls and no destructor
calls, and in some cases (ChipCertificateSet::Release) doing neither
clearing nor destruction. Instead, try to consistently use
~ChipCertificateData when we are no longer keeping track of the
relevant object.

The addition of Clear() in ~ChipCertificateData is both to match
existing behavior and on the assumption that we don't want that data
lying around in memory if not needed.

Problem

See commit message.

Summary of Changes

See commit message.

Fixes #4688

@andy31415
Copy link
Contributor

I do find this a bit awkward because it accepts that the destructor can run multiple times on the same object (we do not seem to check for any 'is constructed already' flag.

Maybe we should specifically document this requirement. Clear() had the benefit that it was obvious that you may call it multiple times on the same object.

@woody-apple
Copy link
Contributor

@bzbarsky-apple ?

@bzbarsky-apple
Be more consistent about construction/destruction of ChipCertificateD…
39c9195 
…ata.

We are mixing placement new with Clear() calls and no destructor
calls, and in some cases (ChipCertificateSet::Release) doing neither
clearing nor destruction.  Instead, try to consistently use
~ChipCertificateData when we are no longer keeping track of the
relevant object.

The addition of `Clear()` in `~ChipCertificateData` is both to match
existing behavior and on the assumption that we don't want that data
lying around in memory if not needed.
@bzbarsky-apple
Copy link
Contributor Author

I added a comment on mCertCount documenting the invariants here.

@bzbarsky-apple bzbarsky-apple merged commit 06e825e into project-chip:master Feb 5, 2021
@bzbarsky-apple bzbarsky-apple deleted the fix-cert-data-dtors branch February 5, 2021 18:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andy31415 andy31415 andy31415 approved these changes

@saurabhst saurabhst saurabhst approved these changes

@woody-apple woody-apple woody-apple approved these changes

@emargolis emargolis Awaiting requested review from emargolis

@BroderickCarlin BroderickCarlin Awaiting requested review from BroderickCarlin

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@hawk248 hawk248 Awaiting requested review from hawk248

@jelderton jelderton Awaiting requested review from jelderton

@mspang mspang Awaiting requested review from mspang

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CHIPCert is making assumptions about how construction/destruction of ChipCertificateData works
4 participants
@bzbarsky-apple @andy31415 @woody-apple @saurabhst