Replace as casts with safer conversions
#510
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
newpavlov
commented
Oct 9, 2024
| const _: () = | ||
| assert!(core::mem::size_of::<libc::c_long>() == core::mem::size_of::<libc::ssize_t>()); | ||
| res.try_into() | ||
| .expect("c_long to ssize_t conversion is lossless") |
There was a problem hiding this comment.
This cast will be no longer needed if #508 lands.
newpavlov
changed the title
as casts with safer conversions
newpavlov
commented
Oct 9, 2024
| @@ -24,10 +24,16 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> { | |||
| // https://docs.rs/wasi/0.11.0+wasi-snapshot-preview1/src/wasi/lib_generated.rs.html#2046-2062 | |||
| // Note that size of an allocated object can not be bigger than isize::MAX bytes. | |||
| // WASI 0.1 supports only 32-bit WASM, so casting length to `i32` is safe. | |||
| #[allow(clippy::cast_possible_truncation, clippy::cast_possible_wrap)] | |||
There was a problem hiding this comment.
This is the only place for which we have to disable the lints. Unfortunately, the compiler does not use the requirement that non-ZST allocations can not be bigger than isize::MAX during optimizations, so using i32::try_from(dest.len()).unwrap() will contain a panic. We could return Error::UNEXPECTED if dest.len() > i32::MAX, but I don't like such hack.
Also, IIRC WASI executors interprets i32 length in random_get as an unsigned integer, so we could've legitimately used cast_signed here, but unfortunately it's not stable.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Based on #445.