mirror of https://github.com/denoland/rusty_v8.git synced 2025-01-12 00:54:15 -05:00

Fix misuse of MaybeUninit and avoid refs to uninit memory (#954)

Timo 2022-05-11 02:22:10 +02:00 committed by GitHub
parent f36d8dae7f
commit 242e4cf97f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 21 additions and 16 deletions


@ -269,7 +269,8 @@ impl ChannelBase {
fn get_cxx_base_offset() -> FieldOffset<Channel> { fn get_cxx_base_offset() -> FieldOffset<Channel> {
let buf = std::mem::MaybeUninit::<Self>::uninit(); let buf = std::mem::MaybeUninit::<Self>::uninit();
FieldOffset::from_ptrs(buf.as_ptr(), unsafe { &(*buf.as_ptr()).cxx_base }) let base = unsafe { addr_of!((*buf.as_ptr()).cxx_base) };
FieldOffset::from_ptrs(buf.as_ptr(), base)
} }
fn get_offset_within_embedder<T>() -> FieldOffset<Self> fn get_offset_within_embedder<T>() -> FieldOffset<Self>
@ -278,6 +279,8 @@ impl ChannelBase {
{ {
let buf = std::mem::MaybeUninit::<T>::uninit(); let buf = std::mem::MaybeUninit::<T>::uninit();
let embedder_ptr: *const T = buf.as_ptr(); let embedder_ptr: *const T = buf.as_ptr();
// TODO(y21): the call to base() creates a reference to uninitialized memory (UB)
// fixing this requires changes in the ChannelImpl trait, namely ChannelImpl::base() can't take &self
let self_ptr: *const Self = unsafe { (*embedder_ptr).base() }; let self_ptr: *const Self = unsafe { (*embedder_ptr).base() };
FieldOffset::from_ptrs(embedder_ptr, self_ptr) FieldOffset::from_ptrs(embedder_ptr, self_ptr)
} }
@ -532,7 +535,8 @@ impl V8InspectorClientBase {
fn get_cxx_base_offset() -> FieldOffset<V8InspectorClient> { fn get_cxx_base_offset() -> FieldOffset<V8InspectorClient> {
let buf = std::mem::MaybeUninit::<Self>::uninit(); let buf = std::mem::MaybeUninit::<Self>::uninit();
FieldOffset::from_ptrs(buf.as_ptr(), unsafe { &(*buf.as_ptr()).cxx_base }) let base = unsafe { addr_of!((*buf.as_ptr()).cxx_base) };
FieldOffset::from_ptrs(buf.as_ptr(), base)
} }
fn get_offset_within_embedder<T>() -> FieldOffset<Self> fn get_offset_within_embedder<T>() -> FieldOffset<Self>
@ -668,6 +672,7 @@ use std::iter::ExactSizeIterator;
use std::iter::IntoIterator; use std::iter::IntoIterator;
use std::marker::PhantomData; use std::marker::PhantomData;
use std::ops::Deref; use std::ops::Deref;
use std::ptr::addr_of;
use std::ptr::null; use std::ptr::null;
use std::ptr::NonNull; use std::ptr::NonNull;
use std::slice; use std::slice;
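Review bot: The TODO added in `ChannelBase::get_offset_within_embedder` records that `(*embedder_ptr).base()` still creates a reference to uninitialized memory, but `V8InspectorClientBase::get_offset_within_embedder` gets no such marker. Only its signature is visible, as trailing context of the third hunk, so this is inferred; if its body uses the same `base()` call, the same undefined behavior remains there unrecorded. I would repeat the comment in that function, e.g. `// TODO(y21): base() creates a reference to uninitialized memory (UB); same fix as ChannelBase::get_offset_within_embedder`, so the remaining unsound path is visible at both sites.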


@ -1532,15 +1532,14 @@ mod raw {
#[repr(C)] #[repr(C)]
#[derive(Debug)] #[derive(Debug)]
pub(super) struct HandleScope([usize; 3]); pub(super) struct HandleScope([MaybeUninit<usize>; 3]);
impl HandleScope { impl HandleScope {
/// Creates an uninitialized `HandleScope`.
///
/// This function is marked unsafe because the caller must ensure that the /// This function is marked unsafe because the caller must ensure that the
/// returned value isn't dropped before `init()` has been called. /// returned value isn't dropped before `init()` has been called.
pub unsafe fn uninit() -> Self { pub unsafe fn uninit() -> Self {
// This is safe because there is no combination of bits that would produce
// an invalid `[usize; 3]`.
#[allow(clippy::uninit_assumed_init)]
Self(MaybeUninit::uninit().assume_init()) Self(MaybeUninit::uninit().assume_init())
} }
@ -1591,15 +1590,14 @@ mod raw {
#[repr(C)] #[repr(C)]
#[derive(Debug)] #[derive(Debug)]
pub(super) struct TryCatch([usize; 6]); pub(super) struct TryCatch([MaybeUninit<usize>; 6]);
impl TryCatch { impl TryCatch {
/// Creates an uninitialized `TryCatch`.
///
/// This function is marked unsafe because the caller must ensure that the /// This function is marked unsafe because the caller must ensure that the
/// returned value isn't dropped before `init()` has been called. /// returned value isn't dropped before `init()` has been called.
pub unsafe fn uninit() -> Self { pub unsafe fn uninit() -> Self {
// This is safe because there is no combination of bits that would produce
// an invalid `[usize; 6]`.
#[allow(clippy::uninit_assumed_init)]
Self(MaybeUninit::uninit().assume_init()) Self(MaybeUninit::uninit().assume_init())
} }
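Review bot: `uninit()` on `HandleScope`, and likewise on `TryCatch`, still calls `assume_init()` but no longer says why that is sound, because the commit removes the old justification together with the clippy allow. The call is sound only because the field is now an array of `MaybeUninit<usize>`, which is valid without initialization; with a plain integer array it would be undefined behavior again. I would add `// SAFETY: an array of MaybeUninit<usize> needs no initialization, so assume_init() on the outer MaybeUninit is sound.` above both calls. Both impl blocks continue outside their hunks.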


@ -17,6 +17,7 @@ use crate::support::MaybeBool;
use std::ffi::c_void; use std::ffi::c_void;
use std::mem::MaybeUninit; use std::mem::MaybeUninit;
use std::pin::Pin; use std::pin::Pin;
use std::ptr::addr_of;
// Must be == sizeof(v8::ValueDeserializer::Delegate), // Must be == sizeof(v8::ValueDeserializer::Delegate),
// see v8__ValueDeserializer__Delegate__CONSTRUCT(). // see v8__ValueDeserializer__Delegate__CONSTRUCT().
@ -212,9 +213,9 @@ impl<'a, 's> ValueDeserializerHeap<'a, 's> {
fn get_cxx_value_deserializer_delegate_offset( fn get_cxx_value_deserializer_delegate_offset(
) -> FieldOffset<CxxValueDeserializerDelegate> { ) -> FieldOffset<CxxValueDeserializerDelegate> {
let buf = std::mem::MaybeUninit::<Self>::uninit(); let buf = std::mem::MaybeUninit::<Self>::uninit();
FieldOffset::from_ptrs(buf.as_ptr(), unsafe { let delegate =
&(*buf.as_ptr()).cxx_value_deserializer_delegate unsafe { addr_of!((*buf.as_ptr()).cxx_value_deserializer_delegate) };
}) FieldOffset::from_ptrs(buf.as_ptr(), delegate)
} }
/// Starting from 'this' pointer a ValueDeserializerHeap ref can be created /// Starting from 'this' pointer a ValueDeserializerHeap ref can be created
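Review bot: The new `unsafe { addr_of!(...) }` block in `get_cxx_value_deserializer_delegate_offset` has no `// SAFETY:` comment, and the same holds for `get_cxx_value_serializer_delegate_offset` and the two `get_cxx_base_offset` functions changed in this commit. The reason it is sound is exactly what the commit is about, so it is worth stating next to the code: `// SAFETY: buf is a live local, so the place is in bounds; addr_of! takes the field address without creating a reference or reading the uninitialized bytes.` That also tells a later editor not to turn the expression back into `&(*ptr).field`.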


@ -15,6 +15,7 @@ use std::alloc::dealloc;
use std::alloc::realloc; use std::alloc::realloc;
use std::alloc::Layout; use std::alloc::Layout;
use std::mem::MaybeUninit; use std::mem::MaybeUninit;
use std::ptr::addr_of;
use crate::support::CxxVTable; use crate::support::CxxVTable;
use crate::support::FieldOffset; use crate::support::FieldOffset;
@ -274,9 +275,9 @@ impl<'a, 's> ValueSerializerHeap<'a, 's> {
fn get_cxx_value_serializer_delegate_offset( fn get_cxx_value_serializer_delegate_offset(
) -> FieldOffset<CxxValueSerializerDelegate> { ) -> FieldOffset<CxxValueSerializerDelegate> {
let buf = std::mem::MaybeUninit::<Self>::uninit(); let buf = std::mem::MaybeUninit::<Self>::uninit();
FieldOffset::from_ptrs(buf.as_ptr(), unsafe { let delegate =
&(*buf.as_ptr()).cxx_value_serializer_delegate unsafe { addr_of!((*buf.as_ptr()).cxx_value_serializer_delegate) };
}) FieldOffset::from_ptrs(buf.as_ptr(), delegate)
} }
/// Starting from 'this' pointer a ValueSerializerHeap ref can be created /// Starting from 'this' pointer a ValueSerializerHeap ref can be created