[erlang-bugs] Patch: prevent crypto:info/0 from including undefined or unexported functions

Daniel White <>
Sat Sep 29 15:27:21 CEST 2012


Noticed this when I was checking I hadn't missed anything while
defining the generic HMAC interface.

The patch below removes any bad functions and adds a test to ensure
that only functions that are actually available can be returned by
crypto:info/0.

However, there are also a number of functions missing from the listing
that I suspect should be included.  So beyond this initial patch:

  1. What is the purpose of this function given the existence of
module_info(exports)?
  2. Assuming a secondary list is necessary since it is a subset of
exported functions, what is the deciding factor for including a
function in FUNC_LIST?

Again assuming that the function is necessary, and we are interested
in maintaining consistency as the crypto module changes, two potential
solutions come to mind:

  1. Use module_info(exports) instead, and remove undesirable
functions (e.g. start, stop) by way of a black list,
  2. In the test suite, ensure that all exported functions are
included in info.  A list can be maintained here for exceptions (e.g.
start, stop).

Seems that the first has worse performance characteristics, and the
second requires duplicate effort in maintenance.

Patch info:

git fetch git://github.com/danielwhite/otp.git fix-crypto-info-listing

https://github.com/danielwhite/otp/compare/erlang:master...danielwhite:fix-crypto-info-listing
https://github.com/danielwhite/otp/compare/erlang:master...danielwhite:fix-crypto-info-listing.patch

Regards,

-- 
Daniel White


More information about the erlang-bugs mailing list