GothenburgBitFactory/taskwarrior
1
0
Fork 0
mirror of https://github.com/GothenburgBitFactory/taskwarrior.git synced 2025-07-07 20:06:36 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

limit unsafe regions

Browse source
This commit is contained in:
Dustin J. Mitchell 2022-02-01 00:48:49 +00:00
parent 22a6857c1b
commit 03ffb6ce83
3 changed files with 10 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
lib/src/lib.rs
View file

@ -1,7 +1,6 @@
#![warn(unsafe_op_in_unsafe_fn)]
mod util; mod util;
// TODO: #![..]
#[warn(unsafe_op_in_unsafe_fn)]
pub mod replica; pub mod replica;
pub mod result; pub mod result;
pub mod status; pub mod status;

6
lib/src/string.rs
View file

@ -52,7 +52,8 @@ impl<'a> TCString<'a> {
/// the lifetime promised by C. /// the lifetime promised by C.
pub(crate) unsafe fn from_arg(tcstring: *mut TCString<'a>) -> Self { pub(crate) unsafe fn from_arg(tcstring: *mut TCString<'a>) -> Self {
debug_assert!(!tcstring.is_null()); debug_assert!(!tcstring.is_null());
*(Box::from_raw(tcstring)) // SAFETY: see docstring
unsafe { *(Box::from_raw(tcstring)) }
} }
/// Borrow a TCString from C as an argument. /// Borrow a TCString from C as an argument.
@ -64,7 +65,8 @@ impl<'a> TCString<'a> {
/// the lifetime promised by C. /// the lifetime promised by C.
pub(crate) unsafe fn from_arg_ref(tcstring: *mut TCString<'a>) -> &'a mut Self { pub(crate) unsafe fn from_arg_ref(tcstring: *mut TCString<'a>) -> &'a mut Self {
debug_assert!(!tcstring.is_null()); debug_assert!(!tcstring.is_null());
&mut *tcstring // SAFETY: see docstring
unsafe { &mut *tcstring }
} }
/// Get a regular Rust &str for this value. /// Get a regular Rust &str for this value.

8
lib/src/task.rs
View file

@ -53,7 +53,8 @@ impl TCTask {
/// the lifetime promised by C. /// the lifetime promised by C.
pub(crate) unsafe fn from_arg_ref<'a>(tctask: *mut TCTask) -> &'a mut Self { pub(crate) unsafe fn from_arg_ref<'a>(tctask: *mut TCTask) -> &'a mut Self {
debug_assert!(!tctask.is_null()); debug_assert!(!tctask.is_null());
&mut *tctask // SAFETY: see docstring
unsafe { &mut *tctask }
} }
/// Take a TCTask from C as an argument. /// Take a TCTask from C as an argument.
@ -63,7 +64,8 @@ impl TCTask {
/// The pointer must not be NULL. The pointer becomes invalid before this function returns. /// The pointer must not be NULL. The pointer becomes invalid before this function returns.
pub(crate) unsafe fn from_arg<'a>(tctask: *mut TCTask) -> Self { pub(crate) unsafe fn from_arg<'a>(tctask: *mut TCTask) -> Self {
debug_assert!(!tctask.is_null()); debug_assert!(!tctask.is_null());
*Box::from_raw(tctask) // SAFETY: see docstring
unsafe { *Box::from_raw(tctask) }
} }
/// Convert a TCTask to a return value for handing off to C. /// Convert a TCTask to a return value for handing off to C.
@ -84,7 +86,7 @@ impl TCTask {
// SAFETY: // SAFETY:
// - tcreplica is not null (promised by caller) // - tcreplica is not null (promised by caller)
// - tcreplica outlives the pointer in this variant (promised by caller) // - tcreplica outlives the pointer in this variant (promised by caller)
let tcreplica_ref: &mut TCReplica = TCReplica::from_arg_ref(tcreplica); let tcreplica_ref: &mut TCReplica = unsafe { TCReplica::from_arg_ref(tcreplica) };
let rep_ref = tcreplica_ref.borrow_mut(); let rep_ref = tcreplica_ref.borrow_mut();
Inner::Mutable(task.into_mut(rep_ref), tcreplica) Inner::Mutable(task.into_mut(rep_ref), tcreplica)
} }