double marshalling ...

[Havoc Pennington]

Hi,

Maybe what I should say is just that yes I'm generally supportive of
cleaning all this up. ;-)

Here are the goals I'd have:

 - keep the message builder and associated tests working 
   (ideally with the invalid-for-the-right-reasons fix 
    mentioned in TODO)

 - there's a test program you have to run manually that feeds
   random data to the parser to try and crash it, that should 
   also keep working (and is aware of the message format so 
   may need tweaks)

 - the big-picture change of course is to move the type signature to
   one block preceding the data, though I'm worried about creating
   a bunch of realloc() here as we append to a message, there 
   are various reasonable solutions to that

 - the code needs to stay super-paranoid about bad lengths, etc.
   and validate all data

I think it would be good to split the cleanups from changing the type
system; i.e. I'd find it really confusing if we were changing all the
struct/custom/etc. semantic bits in the same patch as the low-level
marshaling, I'd rather do one and then the other.

Havoc