Also add a bunch of casts where needed. I've tried to model everything
in such a way that it minimises casts. The casts *should* be safe, but
it's not always obvious. In the obvious cases, we should have a linter
that validates it. In the non-obvious cases, that linter should warn and
require that we add a null check. I've added some null checks in some
cases but not all.
Also, refactored some of the constructor functions to never assign a
maybe-null value to a non-null struct member, instead using a temporary
local variable to check if construction/allocation succeeded.
Currently only `crypto_core_mem.c` needs this. We should try not to
depend on configure'd values. Also note: config.h is only created and
used in the autotools build. In CMake, we pass `-D` flags directly.
* Use-after-free because we free network before dht in one case.
* Various unchecked allocs in tests (not so important).
* We used to not check whether ping arrays were actually allocated in DHT.
* `ping_kill` and `ping_array_kill` used to crash when passing NULL.
Also:
* Added an assert in all public API functions to ensure tox isn't NULL.
The error message you get from that is a bit nicer than "Segmentation
fault" when clients (or our tests) do things wrong.
* Decreased the sleep time in iterate_all_wait from 20ms to 5ms.
Everything seems to still work with 5ms, and this greatly decreases
the amount of time spent per test run, making oomer run much faster.
It turns out, `unix_time` is also monotonic, and is used as such, so I've
renamed the new functions to `mono_time_*`.
2018-07-08:
```
00:01 <@irungentoo> the idea used to be that the unix_time() function
could go backward in time but I think I might have started using it like
if it could not after I changed it so that it would never go back in time
```
"All rights reserved" was incorrect. The project was licensed under GPL3,
which means a lot of rights are licensed to everybody in the world, i.e.
not reserved to the "Tox Project".
It is still C code, so still compatible with C compilers as well. This
change lets us see more clearly where implicit conversions occur by
making them explicit.
Change calloc call on line 138 from empty_array->entries = calloc(size * sizeof(Ping_Array_Entry), 1);, to empty_array->entries = calloc(size, sizeof(Ping_Array_Entry));
