aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Carl Lerche <me@carllerche.com> 2020-10-16 15:45:38 -0700
committerGravatar GitHub <noreply@github.com> 2020-10-16 15:45:38 -0700
commitced050730c7a5f9d322c0cf9aedea67f16151e90 (patch)
tree7b3ed1687879911b55c643cb7dc1a375c1b0bc66
parent94c543f74b111e894d16faa43e4ad361b97ee87d (diff)
downloadbytes-ced050730c7a5f9d322c0cf9aedea67f16151e90.tar.gz
bytes-ced050730c7a5f9d322c0cf9aedea67f16151e90.tar.zst
bytes-ced050730c7a5f9d322c0cf9aedea67f16151e90.zip
Make BufMut an unsafe trait (#432)
Users of `BufMut` are unable to defend against incorrect implementations of `BufMut`, this makes the trait unsafe to implement. Fixes #329
Diffstat
-rw-r--r--src/buf/buf_mut.rs10
-rw-r--r--src/buf/chain.rs2
-rw-r--r--src/buf/limit.rs2
-rw-r--r--src/bytes_mut.rs2
-rw-r--r--tests/test_buf_mut.rs2
5 files changed, 9 insertions, 9 deletions
diff --git a/src/buf/buf_mut.rs b/src/buf/buf_mut.rs
index 4f6e47d..026bcad 100644
--- a/src/buf/buf_mut.rs
+++ b/src/buf/buf_mut.rs
@@ -30,7 +30,7 @@ use alloc::{boxed::Box, vec::Vec};
///
/// assert_eq!(buf, b"hello world");
/// ```
-pub trait BufMut {
+pub unsafe trait BufMut {
/// Returns the number of bytes that can be written from the current
/// position until the end of the buffer is reached.
///
@@ -992,15 +992,15 @@ macro_rules! deref_forward_bufmut {
};
}
-impl<T: BufMut + ?Sized> BufMut for &mut T {
+unsafe impl<T: BufMut + ?Sized> BufMut for &mut T {
deref_forward_bufmut!();
}
-impl<T: BufMut + ?Sized> BufMut for Box<T> {
+unsafe impl<T: BufMut + ?Sized> BufMut for Box<T> {
deref_forward_bufmut!();
}
-impl BufMut for &mut [u8] {
+unsafe impl BufMut for &mut [u8] {
#[inline]
fn remaining_mut(&self) -> usize {
self.len()
@@ -1020,7 +1020,7 @@ impl BufMut for &mut [u8] {
}
}
-impl BufMut for Vec<u8> {
+unsafe impl BufMut for Vec<u8> {
#[inline]
fn remaining_mut(&self) -> usize {
usize::MAX - self.len()
diff --git a/src/buf/chain.rs b/src/buf/chain.rs
index 020bf08..cc2c944 100644
--- a/src/buf/chain.rs
+++ b/src/buf/chain.rs
@@ -174,7 +174,7 @@ where
}
}
-impl<T, U> BufMut for Chain<T, U>
+unsafe impl<T, U> BufMut for Chain<T, U>
where
T: BufMut,
U: BufMut,
diff --git a/src/buf/limit.rs b/src/buf/limit.rs
index a36ecee..c6ed3c7 100644
--- a/src/buf/limit.rs
+++ b/src/buf/limit.rs
@@ -55,7 +55,7 @@ impl<T> Limit<T> {
}
}
-impl<T: BufMut> BufMut for Limit<T> {
+unsafe impl<T: BufMut> BufMut for Limit<T> {
fn remaining_mut(&self) -> usize {
cmp::min(self.inner.remaining_mut(), self.limit)
}
diff --git a/src/bytes_mut.rs b/src/bytes_mut.rs
index a7a8e57..16cb72c 100644
--- a/src/bytes_mut.rs
+++ b/src/bytes_mut.rs
@@ -966,7 +966,7 @@ impl Buf for BytesMut {
}
}
-impl BufMut for BytesMut {
+unsafe impl BufMut for BytesMut {
#[inline]
fn remaining_mut(&self) -> usize {
usize::MAX - self.len()
diff --git a/tests/test_buf_mut.rs b/tests/test_buf_mut.rs
index 10c526d..e994883 100644
--- a/tests/test_buf_mut.rs
+++ b/tests/test_buf_mut.rs
@@ -75,7 +75,7 @@ fn test_mut_slice() {
fn test_deref_bufmut_forwards() {
struct Special;
- impl BufMut for Special {
+ unsafe impl BufMut for Special {
fn remaining_mut(&self) -> usize {
unreachable!("remaining_mut");
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-31 18:13:07 +0000