rustix icon indicating copy to clipboard operation
rustix copied to clipboard

Published 20 hours ago verified publisher icon bytecodealliance

Reading into uninitialized buffers

Open sunfishcode opened this issue 3 years ago • 2 comments

Currently, read takes a &mut [u8]. That's fine for many use cases, but it does require the buffer to be initialized before calling read, so it's currently not possible to read directly into uninitialized memory.

For Mustang, the C read API takes a raw pointer which may be pointing to an uninitialized buffer. Currently mustang does slice::from_raw_parts_mut, however this has undefined behavior if the slice is uninitialized.

sunfishcode avatar Oct 11 '21 12:10 sunfishcode

This issue affects Rust more broadly; here are some links:

  • https://rust-lang.github.io/rfcs/2930-read-buf.html
  • https://internals.rust-lang.org/t/reading-into-uninitialized-buffers-yet-again/13282/4
  • https://yosh.is/writing/uninit-read-write
  • https://github.com/rust-lang/rust/pull/97015

sunfishcode avatar Apr 30 '22 14:04 sunfishcode

Mustang is now using temporary buffers to avoid having UB, but it could avoid this overhead if rustix had a way to read into uninitialized buffers directly.

sunfishcode avatar Oct 07 '22 16:10 sunfishcode