google / emboss

Emboss is a tool for generating code that reads and writes binary data structures.
Apache License 2.0

Struct-level `[requires]` aren't enforced on field writes #126

Open fsareshwala opened 6 months ago

fsareshwala commented 6 months ago

Suppose I have the following Emboss definition:

struct Foo:
  [requires: bar == 0]
  0 [+1] UInt bar

If I were to write a non-zero value into `bar`, `emboss_prelude.h:185 EMBOSS_CHECK(result);` wouldn't execute and the write would succeed. It wouldn't be until I called `bool Ok()` that I would find out that something was written incorrectly. At that point, I just get a boolean true or false and not a directed, clear result of what went wrong.

This isn't the case if I place the [requires] block on the field itself:

struct Foo:
  0 [+1] UInt bar
  [requires: this == 0]

This second Emboss definition would catch the non-zero write via `emboss_prelude.h:185 EMBOSS_CHECK(result);`. Regardless of where the `[requires]` block is placed, we should catch incorrect writes when they happen.

BenjaminLawson commented 5 months ago

This might be difficult for complex struct-level requires, as the fields would need to be written in an order such that the requires is always true.
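The two behaviours discussed in this thread, as an added illustration that is not part of the issue and not Emboss's generated code: a hand-written C++ model of a byte-buffer view in which a field-level `[requires]` is evaluated before the byte is stored, while a struct-level `[requires]` is only evaluated by `Ok()`. The class and function names (`StructView`, `FooStructLevelWrite`, `RangeEagerWrites`) are hypothetical and the real generated API differs; the `Range` struct with `[requires: lo <= hi]` is a constructed example used to show why re-checking a struct-level constraint after every write would make the outcome depend on write order, as the last comment points out.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <functional>
#include <vector>

// Hypothetical model of an Emboss-style view (not Emboss-generated code).
// One invariant is attached to the whole struct and checked only by Ok();
// field-level invariants are passed to the checked write and evaluated
// against the candidate value before anything is stored.
class StructView {
 public:
  using Invariant = std::function<bool(const std::vector<std::uint8_t>&)>;

  StructView(std::vector<std::uint8_t>& bytes, Invariant struct_requires)
      : bytes_(bytes), struct_requires_(std::move(struct_requires)) {}

  // Field-level [requires: this == ...] semantics: reject the write up front.
  bool WriteFieldChecked(std::size_t offset, std::uint8_t value,
                         const std::function<bool(std::uint8_t)>& field_requires) {
    if (offset >= bytes_.size() || !field_requires(value)) return false;
    bytes_[offset] = value;
    return true;
  }

  // Struct-level [requires] semantics as reported in the issue: the write
  // succeeds regardless; the violation is only visible through Ok().
  bool WriteFieldUnchecked(std::size_t offset, std::uint8_t value) {
    if (offset >= bytes_.size()) return false;
    bytes_[offset] = value;
    return true;
  }

  bool Ok() const { return struct_requires_(bytes_); }

 private:
  std::vector<std::uint8_t>& bytes_;
  Invariant struct_requires_;
};

struct Outcome {
  bool write_accepted;  // did the write itself go through?
  bool ok_after;        // what Ok() reports afterwards
};

// struct Foo: [requires: bar == 0]  /  0 [+1] UInt bar
// Constructed one-byte buffer, initially zero.
Outcome FooStructLevelWrite(std::uint8_t v) {
  std::vector<std::uint8_t> buf(1, 0);
  StructView foo(buf, [](const std::vector<std::uint8_t>& b) { return b[0] == 0; });
  bool accepted = foo.WriteFieldUnchecked(0, v);
  return {accepted, foo.Ok()};
}

// struct Foo: 0 [+1] UInt bar  /  [requires: this == 0]
Outcome FooFieldLevelWrite(std::uint8_t v) {
  std::vector<std::uint8_t> buf(1, 0);
  StructView foo(buf, [](const std::vector<std::uint8_t>& b) { return b[0] == 0; });
  bool accepted = foo.WriteFieldChecked(0, v, [](std::uint8_t x) { return x == 0; });
  return {accepted, foo.Ok()};
}

// Constructed struct Range: [requires: lo <= hi] / 0 [+1] UInt lo / 1 [+1] UInt hi
// If the struct-level requires were re-checked after every single write
// (eager enforcement with rollback), a zeroed buffer rejects lo=5 when lo is
// written first (5 <= 0 is false) but accepts the same values when hi=9 is
// written first. Returns whether both writes were accepted.
bool RangeEagerWrites(bool lo_first) {
  std::vector<std::uint8_t> buf(2, 0);
  StructView r(buf, [](const std::vector<std::uint8_t>& b) { return b[0] <= b[1]; });
  auto eager_write = [&](std::size_t off, std::uint8_t v) {
    std::uint8_t saved = buf[off];
    buf[off] = v;
    if (!r.Ok()) {
      buf[off] = saved;  // roll back the write that broke the invariant
      return false;
    }
    return true;
  };
  if (lo_first) return eager_write(0, 5) && eager_write(1, 9);
  return eager_write(1, 9) && eager_write(0, 5);
}

int main() {
  Outcome s = FooStructLevelWrite(1);
  Outcome f = FooFieldLevelWrite(1);
  std::printf("struct-level: write_accepted=%d ok_after=%d\n", s.write_accepted, s.ok_after);
  std::printf("field-level:  write_accepted=%d ok_after=%d\n", f.write_accepted, f.ok_after);
  std::printf("eager struct-level, lo first: %d, hi first: %d\n",
              RangeEagerWrites(true), RangeEagerWrites(false));
  return 0;
}
```

The practical consequence for callers is that with a struct-level `[requires]` a write can silently produce a buffer that `Ok()` later rejects, so `Ok()` has to be called after the last write rather than trusting the write's own result; with a field-level `[requires]` the rejected value never reaches the buffer and `Ok()` still reports the untouched state as valid.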