Added manual external callbacks that panics

elichai · elichai · commit f7a4a7ef577d · 2019-07-03T17:48:35.000-04:00
diff --git a/build.rs b/build.rs
@@ -53,6 +53,7 @@ fn main() {
                .define("USE_FIELD_INV_BUILTIN", Some("1"))
                .define("USE_SCALAR_INV_BUILTIN", Some("1"))
                .define("ENABLE_MODULE_ECDH", Some("1"))
+               .define("USE_EXTERNAL_DEFAULT_CALLBACKS", Some("1"))
                .define("ECMULT_WINDOW_SIZE", Some("15")); // This is the default in the configure file (`auto`)
 
     #[cfg(feature = "endomorphism")]
diff --git a/src/ffi.rs b/src/ffi.rs
@@ -255,6 +255,52 @@ extern "C" {
     ) -> c_int;
 }
 
+
+#[no_mangle]
+/// **This function is an override for the C function, this is the an edited version of the original description:**
+///
+/// A callback function to be called when an illegal argument is passed to
+/// an API call. It will only trigger for violations that are mentioned
+/// explicitly in the header. **This will cause a panic**.
+///
+/// The philosophy is that these shouldn't be dealt with through a
+/// specific return value, as calling code should not have branches to deal with
+/// the case that this code itself is broken.
+///
+/// On the other hand, during debug stage, one would want to be informed about
+/// such mistakes, and the default (crashing) may be inadvisable.
+/// When this callback is triggered, the API function called is guaranteed not
+/// to cause a crash, though its return value and output arguments are
+/// undefined.
+///
+/// See also secp256k1_default_error_callback_fn.
+///
+pub extern "C" fn secp256k1_default_illegal_callback_fn(_message: *const c_char, _data: *mut c_void) {
+    // Do we need to deref the message and print it? if so without std we'll need to use `strlen`
+    panic!("[libsecp256k1] illegal argument.");
+}
+
+#[no_mangle]
+/// **This function is an override for the C function, this is the an edited version of the original description:**
+///
+/// A callback function to be called when an internal consistency check
+/// fails. **This will cause a panic**.
+///
+/// This can only trigger in case of a hardware failure, miscompilation,
+/// memory corruption, serious bug in the library, or other error would can
+/// otherwise result in undefined behaviour. It will not trigger due to mere
+/// incorrect usage of the API (see secp256k1_default_illegal_callback_fn
+/// for that). After this callback returns, anything may happen, including
+/// crashing.
+///
+/// See also secp256k1_default_illegal_callback_fn.
+///
+pub extern "C" fn secp256k1_default_error_callback_fn(_message: *const c_char, _data: *mut c_void) {
+    // Do we need to deref the message and print it? if so without std we'll need to use `strlen`
+    panic!("[libsecp256k1] internal consistency check failed.");
+}
+
+
 #[cfg(feature = "fuzztarget")]
 mod fuzz_dummy {
     extern crate std;
diff --git a/src/types.rs b/src/types.rs
@@ -4,6 +4,7 @@ use core::fmt;
 pub type c_int = i32;
 pub type c_uchar = u8;
 pub type c_uint = u32;
+pub type c_char = i8;
 
 /// This is an exact copy of https://doc.rust-lang.org/core/ffi/enum.c_void.html
 /// It should be Equivalent to C's void type when used as a pointer.
