Problem
The C-API bindings use static_cast<CppEnum>(c_enum_value) to convert C enum integers to C++ enum class types. If a caller passes an out-of-range integer value, static_cast produces an unspecified enum value — undefined behavior in practice.
The codebase already has safe conversion helpers (e.g. kth::network_to_cpp(kth_network_t) in helpers.hpp) that map unknown values to a sensible default (typically mainnet). Hand-written C-API code uses these helpers consistently, but the generated bindings emit raw static_cast instead.
Current behavior (generated code)
auto const net_cpp = static_cast<kth::domain::config::network>(net);
Expected behavior
auto const net_cpp = kth::network_to_cpp(net);
Or a generic pattern that works for all registered enums.
Scope
This affects every generated function that takes a C enum parameter:
kth_network_t → config::network (payment_address, get_blocks, get_headers, etc.)kth_script_flags_t → machine::script_flags- Any future enum params
Possible fix
Option A: Register a safe conversion helper per enum in the generator's _ENUM_REGISTRY, and emit calls to it instead of static_cast.
Option B: Generate a generic helper template:
template<typename CppEnum, typename CEnum>
CppEnum safe_enum_cast(CEnum value, CppEnum default_value);
Option C: Add a default case to each switch that uses the enum, returning a sensible fallback. This is what network_to_cpp already does internally.
Flagged by
Cursor Bugbot on PR #241 (comment #8).
Problem
The C-API bindings use
static_cast<CppEnum>(c_enum_value)to convert C enum integers to C++enum classtypes. If a caller passes an out-of-range integer value,static_castproduces an unspecified enum value — undefined behavior in practice.The codebase already has safe conversion helpers (e.g.
kth::network_to_cpp(kth_network_t)inhelpers.hpp) that map unknown values to a sensible default (typicallymainnet). Hand-written C-API code uses these helpers consistently, but the generated bindings emit rawstatic_castinstead.Current behavior (generated code)
Expected behavior
Or a generic pattern that works for all registered enums.
Scope
This affects every generated function that takes a C enum parameter:
kth_network_t→config::network(payment_address, get_blocks, get_headers, etc.)kth_script_flags_t→machine::script_flagsPossible fix
Option A: Register a safe conversion helper per enum in the generator's
_ENUM_REGISTRY, and emit calls to it instead ofstatic_cast.Option B: Generate a generic helper template:
Option C: Add a
defaultcase to eachswitchthat uses the enum, returning a sensible fallback. This is whatnetwork_to_cppalready does internally.Flagged by
Cursor Bugbot on PR #241 (comment #8).