From 4096c9f25f59e67835999ec6c89bc4ca1f3dcad0 Mon Sep 17 00:00:00 2001
From: asdf <asdf@debian.localdomain>
Date: Sat, 5 Jan 2013 05:52:37 -0500
Subject: [PATCH] adding bound checks for raw::memcpy and memmove

---
 src/libcore/vec.rs | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/libcore/vec.rs b/src/libcore/vec.rs
index cdd8db6c543..758c35cc14b 100644
--- a/src/libcore/vec.rs
+++ b/src/libcore/vec.rs
@@ -1960,6 +1960,9 @@ pub mod raw {
       * may overlap.
       */
     pub unsafe fn memcpy<T>(dst: &[mut T], src: &[const T], count: uint) {
+        assert dst.len() >= count;
+        assert src.len() >= count;
+
         do as_mut_buf(dst) |p_dst, _len_dst| {
             do as_const_buf(src) |p_src, _len_src| {
                 ptr::memcpy(p_dst, p_src, count)
@@ -1974,6 +1977,9 @@ pub mod raw {
       * may overlap.
       */
     pub unsafe fn memmove<T>(dst: &[mut T], src: &[const T], count: uint) {
+        assert dst.len() >= count;
+        assert src.len() >= count;
+
         do as_mut_buf(dst) |p_dst, _len_dst| {
             do as_const_buf(src) |p_src, _len_src| {
                 ptr::memmove(p_dst, p_src, count)
@@ -3730,6 +3736,15 @@ mod tests {
             fail
         }
     }
+
+    #[test]
+    #[should_fail]
+    fn test_memcpy_oob() unsafe {
+        let a = [mut 1, 2, 3, 4];
+        let b = [1, 2, 3, 4, 5];
+        raw::memcpy(a, b, 5);
+    }
+
 }
 
 // Local Variables: