Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix str mutating through a ptr derived from &self #58200

Merged
merged 4 commits into from
Feb 13, 2019
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 23 additions & 7 deletions src/libcore/str/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1757,9 +1757,9 @@ mod traits {
}
#[inline]
unsafe fn get_unchecked_mut(self, slice: &mut str) -> &mut Self::Output {
let ptr = slice.as_ptr().add(self.start);
let ptr = slice.as_mut_ptr().add(self.start);
let len = self.end - self.start;
super::from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr as *mut u8, len))
super::from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr, len))
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Notice that this raw ptr cast here is the "canary" that gave away that the old code was wrong -- it was actually casting *const u8 to *mut u8, which should not have been necessary.

}
#[inline]
fn index(self, slice: &str) -> &Self::Output {
Expand Down Expand Up @@ -1821,8 +1821,8 @@ mod traits {
}
#[inline]
unsafe fn get_unchecked_mut(self, slice: &mut str) -> &mut Self::Output {
let ptr = slice.as_ptr();
super::from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr as *mut u8, self.end))
let ptr = slice.as_mut_ptr();
super::from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr, self.end))
}
#[inline]
fn index(self, slice: &str) -> &Self::Output {
Expand Down Expand Up @@ -1883,9 +1883,9 @@ mod traits {
}
#[inline]
unsafe fn get_unchecked_mut(self, slice: &mut str) -> &mut Self::Output {
let ptr = slice.as_ptr().add(self.start);
let ptr = slice.as_mut_ptr().add(self.start);
let len = slice.len() - self.start;
super::from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr as *mut u8, len))
super::from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr, len))
}
#[inline]
fn index(self, slice: &str) -> &Self::Output {
Expand Down Expand Up @@ -2213,6 +2213,22 @@ impl str {
self as *const str as *const u8
}

/// Converts a mutable string slice to a raw pointer.
///
/// As string slices are a slice of bytes, the raw pointer points to a
/// [`u8`]. This pointer will be pointing to the first byte of the string
/// slice.
///
/// It is your responsibility to make sure that the string slice only gets
/// modified in a way that it remains valid UTF-8.
///
/// [`u8`]: primitive.u8.html
#[unstable(feature = "str_as_mut_ptr", issue = "58215")]
#[inline]
pub fn as_mut_ptr(&mut self) -> *mut u8 {
self as *mut str as *mut u8
}

/// Returns a subslice of `str`.
///
/// This is the non-panicking alternative to indexing the `str`. Returns
Expand Down Expand Up @@ -2500,7 +2516,7 @@ impl str {
// is_char_boundary checks that the index is in [0, .len()]
if self.is_char_boundary(mid) {
let len = self.len();
let ptr = self.as_ptr() as *mut u8;
let ptr = self.as_mut_ptr();
unsafe {
(from_utf8_unchecked_mut(slice::from_raw_parts_mut(ptr, mid)),
from_utf8_unchecked_mut(slice::from_raw_parts_mut(
Expand Down