mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rollup merge of #123806 - joboet:advanced_overflow, r=Amanieu

Browse Source 
Panic on overflow in `BorrowedCursor::advance`

Passing `usize::MAX` to `advance` clearly isn't correct, but the current assertion fails to detect this when overflow checks are disabled. This isn't unsound, but should probably be fixed regardless.
This commit is contained in:
Matthias Krüger 2024-04-11 22:38:56 +02:00 committed by GitHub
commit d8ae975c02
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
library/core/src/io/borrowed_buf.rs
View File

@ -249,9 +249,10 @@ pub unsafe fn as_mut(&mut self) -> &mut [MaybeUninit<u8>] {
/// Panics if there are less than `n` bytes initialized. /// Panics if there are less than `n` bytes initialized.
#[inline] #[inline]
pub fn advance(&mut self, n: usize) -> &mut Self { pub fn advance(&mut self, n: usize) -> &mut Self {
assert!(self.buf.init >= self.buf.filled + n); let filled = self.buf.filled.strict_add(n);
assert!(filled <= self.buf.init);
self.buf.filled += n; self.buf.filled = filled;
self self
} }

9
library/std/src/io/tests.rs
View File

@ -209,6 +209,15 @@ fn read_buf_exact() {
assert_eq!(c.read_buf_exact(buf.unfilled()).unwrap_err().kind(), io::ErrorKind::UnexpectedEof); assert_eq!(c.read_buf_exact(buf.unfilled()).unwrap_err().kind(), io::ErrorKind::UnexpectedEof);
} }
#[test]
#[should_panic]
fn borrowed_cursor_advance_overflow() {
let mut buf = [0; 512];
let mut buf = BorrowedBuf::from(&mut buf[..]);
buf.unfilled().advance(1);
buf.unfilled().advance(usize::MAX);
}
#[test] #[test]
fn take_eof() { fn take_eof() {
struct R; struct R;