tor/doc/HACKING/HowToReview.md

How to review a patch
=====================

Some folks have said that they'd like to review patches more often, but they
don't know how.

So, here are a bunch of things to check for when reviewing a patch!

Note that if you can't do every one of these, that doesn't mean you can't do
a good review!  Just make it clear what you checked for and what you didn't.


Top-level smell-checks
----------------------

(Difficulty: easy)

- Does it compile with `--enable-fatal-warnings`?

- Does `make check-spaces` pass?

- Does `make check-changes` pass?

- Does it have a reasonable amount of tests?  Do they pass?  Do they leak
  memory?

- Do all the new functions, global variables, types, and structure members have
 documentation?

- Do all the functions, global variables, types, and structure members with
  modified behavior have modified documentation?

- Do all the new torrc options have documentation?

- If this changes Tor's behavior on the wire, is there a design proposal?

- If this changes anything in the code, is there a "changes" file?


Let's look at the code!
-----------------------

- Does the code conform to CodingStandards.txt?

- Does the code leak memory?

- If two or more pointers ever point to the same object, is it clear which
  pointer "owns" the object?

- Are all allocated resources freed?

- Are all pointers that should be const, const?

- Are `#defines` used for 'magic' numbers?

- Can you understand what the code is trying to do?

- Can you convince yourself that the code really does that?

- Is there duplicated code that could be turned into a function?


Let's look at the documentation!
--------------------------------

- Does the documentation confirm to CodingStandards.txt?

- Does it make sense?

- Can you predict what the function will do from its documentation?


Let's think about security!
---------------------------

- If there are any arrays, buffers, are you 100% sure that they cannot
  overflow?

- If there is any integer math, can it overflow or underflow?

- If there are any allocations, are you sure there are corresponding
  deallocations?

- Is there a safer pattern that could be used in any case?

- Have they used one of the Forbidden Functions?

(Also see your favorite secure C programming guides.)
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00			`How to review a patch`
			`=====================`

			`Some folks have said that they'd like to review patches more often, but they`
			`don't know how.`

			`So, here are a bunch of things to check for when reviewing a patch!`

			`Note that if you can't do every one of these, that doesn't mean you can't do`
			`a good review! Just make it clear what you checked for and what you didn't.`


			`Top-level smell-checks`
			`----------------------`

			`(Difficulty: easy)`

Stop recommending --enable-gcc-warnings in doc/HACKING 2016-05-23 18:40:27 +00:00			- Does it compile with `--enable-fatal-warnings`?
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			- Does `make check-spaces` pass?
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
Mention even more about changes files in doc/HACKING 2017-09-22 19:14:36 +00:00			- Does `make check-changes` pass?

added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Does it have a reasonable amount of tests? Do they pass? Do they leak`
			`memory?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Do all the new functions, global variables, types, and structure members have`
			`documentation?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Do all the functions, global variables, types, and structure members with`
			`modified behavior have modified documentation?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Do all the new torrc options have documentation?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- If this changes Tor's behavior on the wire, is there a design proposal?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
Mention even more about changes files in doc/HACKING 2017-09-22 19:14:36 +00:00			`- If this changes anything in the code, is there a "changes" file?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00

			`Let's look at the code!`
			`-----------------------`

added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Does the code conform to CodingStandards.txt?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Does the code leak memory?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- If two or more pointers ever point to the same object, is it clear which`
			`pointer "owns" the object?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Are all allocated resources freed?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Are all pointers that should be const, const?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			- Are `#defines` used for 'magic' numbers?
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Can you understand what the code is trying to do?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Can you convince yourself that the code really does that?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Is there duplicated code that could be turned into a function?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00

			`Let's look at the documentation!`
			`--------------------------------`

added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Does the documentation confirm to CodingStandards.txt?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Does it make sense?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Can you predict what the function will do from its documentation?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00

			`Let's think about security!`
			`---------------------------`

added some markdown formatting 2015-11-05 14:13:53 +00:00			`- If there are any arrays, buffers, are you 100% sure that they cannot`
			`overflow?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- If there is any integer math, can it overflow or underflow?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- If there are any allocations, are you sure there are corresponding`
			`deallocations?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Is there a safer pattern that could be used in any case?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
added some markdown formatting 2015-11-05 14:13:53 +00:00			`- Have they used one of the Forbidden Functions?`
Actually add HowToReview.txt 2015-10-22 14:03:04 +00:00
			`(Also see your favorite secure C programming guides.)`