mirror of
https://github.com/google/flatbuffers.git
synced 2026-06-23 03:20:01 +00:00
Rust soundness fixes (#7518)
* Rust soundness fixes * Second pass * Make init_from_table unsafe * Remove SafeSliceAccess * Clippy * Remove create_vector_of_strings * More clippy * Remove deprecated root type accessors * More soundness fixes * Fix EndianScalar for bool * Add TriviallyTransmutable * Add debug assertions * Review comments * Review feedback
This commit is contained in:
Raphael Taylor-Davies
committed by
GitHub
GitHub
parent
dadbff5714
commit
374f8fb5fb
@@ -59,10 +59,8 @@ impl core::fmt::Debug for EnumInNestedNS {
|
||||
impl<'a> flatbuffers::Follow<'a> for EnumInNestedNS {
|
||||
type Inner = Self;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
let b = unsafe {
|
||||
flatbuffers::read_scalar_at::<i8>(buf, loc)
|
||||
};
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
let b = flatbuffers::read_scalar_at::<i8>(buf, loc);
|
||||
Self(b)
|
||||
}
|
||||
}
|
||||
@@ -70,21 +68,21 @@ impl<'a> flatbuffers::Follow<'a> for EnumInNestedNS {
|
||||
impl flatbuffers::Push for EnumInNestedNS {
|
||||
type Output = EnumInNestedNS;
|
||||
#[inline]
|
||||
fn push(&self, dst: &mut [u8], _rest: &[u8]) {
|
||||
unsafe { flatbuffers::emplace_scalar::<i8>(dst, self.0); }
|
||||
unsafe fn push(&self, dst: &mut [u8], _written_len: usize) {
|
||||
flatbuffers::emplace_scalar::<i8>(dst, self.0);
|
||||
}
|
||||
}
|
||||
|
||||
impl flatbuffers::EndianScalar for EnumInNestedNS {
|
||||
type Scalar = i8;
|
||||
#[inline]
|
||||
fn to_little_endian(self) -> Self {
|
||||
let b = i8::to_le(self.0);
|
||||
Self(b)
|
||||
fn to_little_endian(self) -> i8 {
|
||||
self.0.to_le()
|
||||
}
|
||||
#[inline]
|
||||
#[allow(clippy::wrong_self_convention)]
|
||||
fn from_little_endian(self) -> Self {
|
||||
let b = i8::from_le(self.0);
|
||||
fn from_little_endian(v: i8) -> Self {
|
||||
let b = i8::from_le(v);
|
||||
Self(b)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,39 +28,25 @@ impl core::fmt::Debug for StructInNestedNS {
|
||||
}
|
||||
|
||||
impl flatbuffers::SimpleToVerifyInSlice for StructInNestedNS {}
|
||||
impl flatbuffers::SafeSliceAccess for StructInNestedNS {}
|
||||
impl<'a> flatbuffers::Follow<'a> for StructInNestedNS {
|
||||
type Inner = &'a StructInNestedNS;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
<&'a StructInNestedNS>::follow(buf, loc)
|
||||
}
|
||||
}
|
||||
impl<'a> flatbuffers::Follow<'a> for &'a StructInNestedNS {
|
||||
type Inner = &'a StructInNestedNS;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
flatbuffers::follow_cast_ref::<StructInNestedNS>(buf, loc)
|
||||
}
|
||||
}
|
||||
impl<'b> flatbuffers::Push for StructInNestedNS {
|
||||
type Output = StructInNestedNS;
|
||||
#[inline]
|
||||
fn push(&self, dst: &mut [u8], _rest: &[u8]) {
|
||||
let src = unsafe {
|
||||
::core::slice::from_raw_parts(self as *const StructInNestedNS as *const u8, Self::size())
|
||||
};
|
||||
dst.copy_from_slice(src);
|
||||
}
|
||||
}
|
||||
impl<'b> flatbuffers::Push for &'b StructInNestedNS {
|
||||
type Output = StructInNestedNS;
|
||||
|
||||
#[inline]
|
||||
fn push(&self, dst: &mut [u8], _rest: &[u8]) {
|
||||
let src = unsafe {
|
||||
::core::slice::from_raw_parts(*self as *const StructInNestedNS as *const u8, Self::size())
|
||||
};
|
||||
unsafe fn push(&self, dst: &mut [u8], _written_len: usize) {
|
||||
let src = ::core::slice::from_raw_parts(self as *const StructInNestedNS as *const u8, Self::size());
|
||||
dst.copy_from_slice(src);
|
||||
}
|
||||
}
|
||||
@@ -92,47 +78,59 @@ impl<'a> StructInNestedNS {
|
||||
}
|
||||
|
||||
pub fn a(&self) -> i32 {
|
||||
let mut mem = core::mem::MaybeUninit::<i32>::uninit();
|
||||
unsafe {
|
||||
let mut mem = core::mem::MaybeUninit::<<i32 as EndianScalar>::Scalar>::uninit();
|
||||
// Safety:
|
||||
// Created from a valid Table for this object
|
||||
// Which contains a valid value in this slot
|
||||
EndianScalar::from_little_endian(unsafe {
|
||||
core::ptr::copy_nonoverlapping(
|
||||
self.0[0..].as_ptr(),
|
||||
mem.as_mut_ptr() as *mut u8,
|
||||
core::mem::size_of::<i32>(),
|
||||
core::mem::size_of::<<i32 as EndianScalar>::Scalar>(),
|
||||
);
|
||||
mem.assume_init()
|
||||
}.from_little_endian()
|
||||
})
|
||||
}
|
||||
|
||||
pub fn set_a(&mut self, x: i32) {
|
||||
let x_le = x.to_little_endian();
|
||||
// Safety:
|
||||
// Created from a valid Table for this object
|
||||
// Which contains a valid value in this slot
|
||||
unsafe {
|
||||
core::ptr::copy_nonoverlapping(
|
||||
&x_le as *const i32 as *const u8,
|
||||
&x_le as *const _ as *const u8,
|
||||
self.0[0..].as_mut_ptr(),
|
||||
core::mem::size_of::<i32>(),
|
||||
core::mem::size_of::<<i32 as EndianScalar>::Scalar>(),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
pub fn b(&self) -> i32 {
|
||||
let mut mem = core::mem::MaybeUninit::<i32>::uninit();
|
||||
unsafe {
|
||||
let mut mem = core::mem::MaybeUninit::<<i32 as EndianScalar>::Scalar>::uninit();
|
||||
// Safety:
|
||||
// Created from a valid Table for this object
|
||||
// Which contains a valid value in this slot
|
||||
EndianScalar::from_little_endian(unsafe {
|
||||
core::ptr::copy_nonoverlapping(
|
||||
self.0[4..].as_ptr(),
|
||||
mem.as_mut_ptr() as *mut u8,
|
||||
core::mem::size_of::<i32>(),
|
||||
core::mem::size_of::<<i32 as EndianScalar>::Scalar>(),
|
||||
);
|
||||
mem.assume_init()
|
||||
}.from_little_endian()
|
||||
})
|
||||
}
|
||||
|
||||
pub fn set_b(&mut self, x: i32) {
|
||||
let x_le = x.to_little_endian();
|
||||
// Safety:
|
||||
// Created from a valid Table for this object
|
||||
// Which contains a valid value in this slot
|
||||
unsafe {
|
||||
core::ptr::copy_nonoverlapping(
|
||||
&x_le as *const i32 as *const u8,
|
||||
&x_le as *const _ as *const u8,
|
||||
self.0[4..].as_mut_ptr(),
|
||||
core::mem::size_of::<i32>(),
|
||||
core::mem::size_of::<<i32 as EndianScalar>::Scalar>(),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,8 +19,8 @@ pub struct TableInNestedNS<'a> {
|
||||
impl<'a> flatbuffers::Follow<'a> for TableInNestedNS<'a> {
|
||||
type Inner = TableInNestedNS<'a>;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table { buf, loc } }
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table::new(buf, loc) }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -32,7 +32,7 @@ impl<'a> TableInNestedNS<'a> {
|
||||
}
|
||||
|
||||
#[inline]
|
||||
pub fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
pub unsafe fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
TableInNestedNS { _tab: table }
|
||||
}
|
||||
#[allow(unused_mut)]
|
||||
@@ -54,7 +54,10 @@ impl<'a> TableInNestedNS<'a> {
|
||||
|
||||
#[inline]
|
||||
pub fn foo(&self) -> i32 {
|
||||
self._tab.get::<i32>(TableInNestedNS::VT_FOO, Some(0)).unwrap()
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<i32>(TableInNestedNS::VT_FOO, Some(0)).unwrap()}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -55,10 +55,8 @@ impl core::fmt::Debug for UnionInNestedNS {
|
||||
impl<'a> flatbuffers::Follow<'a> for UnionInNestedNS {
|
||||
type Inner = Self;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
let b = unsafe {
|
||||
flatbuffers::read_scalar_at::<u8>(buf, loc)
|
||||
};
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
let b = flatbuffers::read_scalar_at::<u8>(buf, loc);
|
||||
Self(b)
|
||||
}
|
||||
}
|
||||
@@ -66,21 +64,21 @@ impl<'a> flatbuffers::Follow<'a> for UnionInNestedNS {
|
||||
impl flatbuffers::Push for UnionInNestedNS {
|
||||
type Output = UnionInNestedNS;
|
||||
#[inline]
|
||||
fn push(&self, dst: &mut [u8], _rest: &[u8]) {
|
||||
unsafe { flatbuffers::emplace_scalar::<u8>(dst, self.0); }
|
||||
unsafe fn push(&self, dst: &mut [u8], _written_len: usize) {
|
||||
flatbuffers::emplace_scalar::<u8>(dst, self.0);
|
||||
}
|
||||
}
|
||||
|
||||
impl flatbuffers::EndianScalar for UnionInNestedNS {
|
||||
type Scalar = u8;
|
||||
#[inline]
|
||||
fn to_little_endian(self) -> Self {
|
||||
let b = u8::to_le(self.0);
|
||||
Self(b)
|
||||
fn to_little_endian(self) -> u8 {
|
||||
self.0.to_le()
|
||||
}
|
||||
#[inline]
|
||||
#[allow(clippy::wrong_self_convention)]
|
||||
fn from_little_endian(self) -> Self {
|
||||
let b = u8::from_le(self.0);
|
||||
fn from_little_endian(v: u8) -> Self {
|
||||
let b = u8::from_le(v);
|
||||
Self(b)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,8 +19,8 @@ pub struct SecondTableInA<'a> {
|
||||
impl<'a> flatbuffers::Follow<'a> for SecondTableInA<'a> {
|
||||
type Inner = SecondTableInA<'a>;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table { buf, loc } }
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table::new(buf, loc) }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -32,7 +32,7 @@ impl<'a> SecondTableInA<'a> {
|
||||
}
|
||||
|
||||
#[inline]
|
||||
pub fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
pub unsafe fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
SecondTableInA { _tab: table }
|
||||
}
|
||||
#[allow(unused_mut)]
|
||||
@@ -56,7 +56,10 @@ impl<'a> SecondTableInA<'a> {
|
||||
|
||||
#[inline]
|
||||
pub fn refer_to_c(&self) -> Option<super::namespace_c::TableInC<'a>> {
|
||||
self._tab.get::<flatbuffers::ForwardsUOffset<super::namespace_c::TableInC>>(SecondTableInA::VT_REFER_TO_C, None)
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<flatbuffers::ForwardsUOffset<super::namespace_c::TableInC>>(SecondTableInA::VT_REFER_TO_C, None)}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -19,8 +19,8 @@ pub struct TableInFirstNS<'a> {
|
||||
impl<'a> flatbuffers::Follow<'a> for TableInFirstNS<'a> {
|
||||
type Inner = TableInFirstNS<'a>;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table { buf, loc } }
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table::new(buf, loc) }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,7 +36,7 @@ impl<'a> TableInFirstNS<'a> {
|
||||
}
|
||||
|
||||
#[inline]
|
||||
pub fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
pub unsafe fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
TableInFirstNS { _tab: table }
|
||||
}
|
||||
#[allow(unused_mut)]
|
||||
@@ -80,29 +80,49 @@ impl<'a> TableInFirstNS<'a> {
|
||||
|
||||
#[inline]
|
||||
pub fn foo_table(&self) -> Option<namespace_b::TableInNestedNS<'a>> {
|
||||
self._tab.get::<flatbuffers::ForwardsUOffset<namespace_b::TableInNestedNS>>(TableInFirstNS::VT_FOO_TABLE, None)
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<flatbuffers::ForwardsUOffset<namespace_b::TableInNestedNS>>(TableInFirstNS::VT_FOO_TABLE, None)}
|
||||
}
|
||||
#[inline]
|
||||
pub fn foo_enum(&self) -> namespace_b::EnumInNestedNS {
|
||||
self._tab.get::<namespace_b::EnumInNestedNS>(TableInFirstNS::VT_FOO_ENUM, Some(namespace_b::EnumInNestedNS::A)).unwrap()
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<namespace_b::EnumInNestedNS>(TableInFirstNS::VT_FOO_ENUM, Some(namespace_b::EnumInNestedNS::A)).unwrap()}
|
||||
}
|
||||
#[inline]
|
||||
pub fn foo_union_type(&self) -> namespace_b::UnionInNestedNS {
|
||||
self._tab.get::<namespace_b::UnionInNestedNS>(TableInFirstNS::VT_FOO_UNION_TYPE, Some(namespace_b::UnionInNestedNS::NONE)).unwrap()
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<namespace_b::UnionInNestedNS>(TableInFirstNS::VT_FOO_UNION_TYPE, Some(namespace_b::UnionInNestedNS::NONE)).unwrap()}
|
||||
}
|
||||
#[inline]
|
||||
pub fn foo_union(&self) -> Option<flatbuffers::Table<'a>> {
|
||||
self._tab.get::<flatbuffers::ForwardsUOffset<flatbuffers::Table<'a>>>(TableInFirstNS::VT_FOO_UNION, None)
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<flatbuffers::ForwardsUOffset<flatbuffers::Table<'a>>>(TableInFirstNS::VT_FOO_UNION, None)}
|
||||
}
|
||||
#[inline]
|
||||
pub fn foo_struct(&self) -> Option<&'a namespace_b::StructInNestedNS> {
|
||||
self._tab.get::<namespace_b::StructInNestedNS>(TableInFirstNS::VT_FOO_STRUCT, None)
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<namespace_b::StructInNestedNS>(TableInFirstNS::VT_FOO_STRUCT, None)}
|
||||
}
|
||||
#[inline]
|
||||
#[allow(non_snake_case)]
|
||||
pub fn foo_union_as_table_in_nested_ns(&self) -> Option<namespace_b::TableInNestedNS<'a>> {
|
||||
if self.foo_union_type() == namespace_b::UnionInNestedNS::TableInNestedNS {
|
||||
self.foo_union().map(namespace_b::TableInNestedNS::init_from_table)
|
||||
self.foo_union().map(|t| {
|
||||
// Safety:
|
||||
// Created from a valid Table for this object
|
||||
// Which contains a valid union in this slot
|
||||
unsafe { namespace_b::TableInNestedNS::init_from_table(t) }
|
||||
})
|
||||
} else {
|
||||
None
|
||||
}
|
||||
|
||||
@@ -19,8 +19,8 @@ pub struct TableInC<'a> {
|
||||
impl<'a> flatbuffers::Follow<'a> for TableInC<'a> {
|
||||
type Inner = TableInC<'a>;
|
||||
#[inline]
|
||||
fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table { buf, loc } }
|
||||
unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner {
|
||||
Self { _tab: flatbuffers::Table::new(buf, loc) }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -33,7 +33,7 @@ impl<'a> TableInC<'a> {
|
||||
}
|
||||
|
||||
#[inline]
|
||||
pub fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
pub unsafe fn init_from_table(table: flatbuffers::Table<'a>) -> Self {
|
||||
TableInC { _tab: table }
|
||||
}
|
||||
#[allow(unused_mut)]
|
||||
@@ -62,11 +62,17 @@ impl<'a> TableInC<'a> {
|
||||
|
||||
#[inline]
|
||||
pub fn refer_to_a1(&self) -> Option<super::namespace_a::TableInFirstNS<'a>> {
|
||||
self._tab.get::<flatbuffers::ForwardsUOffset<super::namespace_a::TableInFirstNS>>(TableInC::VT_REFER_TO_A1, None)
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<flatbuffers::ForwardsUOffset<super::namespace_a::TableInFirstNS>>(TableInC::VT_REFER_TO_A1, None)}
|
||||
}
|
||||
#[inline]
|
||||
pub fn refer_to_a2(&self) -> Option<super::namespace_a::SecondTableInA<'a>> {
|
||||
self._tab.get::<flatbuffers::ForwardsUOffset<super::namespace_a::SecondTableInA>>(TableInC::VT_REFER_TO_A2, None)
|
||||
// Safety:
|
||||
// Created from valid Table for this object
|
||||
// which contains a valid value in this slot
|
||||
unsafe { self._tab.get::<flatbuffers::ForwardsUOffset<super::namespace_a::SecondTableInA>>(TableInC::VT_REFER_TO_A2, None)}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user