Re: [libvirt] [PATCH Rust 3/4] fix pointer type of macro used to convert rs string to c string
On Wed, Jul 17, 2019 at 08:59:32AM +0000, Sahid Orentino Ferdjaoui wrote:
In this commit we also add todo and warning to avoid using them +
remove them in future.
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui(a)canonical.com>
---
src/lib.rs | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/src/lib.rs b/src/lib.rs
index 77bf4a9..64d49cd 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -99,12 +99,31 @@ macro_rules! c_chars_to_string {
}
+// Those two macros are not completely safe and we should probably
+// stop using them to avoid possibility of pointers dangling. The
+// memory may be freed too early.
+//
+// To avoid that, the right pattern would be:
+//
+// let cstring = CString::new(rs_string).unwrap();
+// unsafe {
+// some_c_function(cstring.as_ptr() as *const libc::c_char);
+// }
+//
+// So we ensure the pointer passed to 'some_c_function()' will live
+// until 'cstring' exists.
+//
+// TODO(sahid): fix code + remove macros.
+
Just in case you won't get around to do that, could you put this to the
BiteSizedTasks[1] wiki?
Also while checking the usage numbers of these macros I found out you pushed
this already, so sorry for late review.
[1] https://wiki.libvirt.org/page/BiteSizedTasks
macro_rules! string_to_c_chars {
- ($x:expr) => (::std::ffi::CString::new($x).unwrap().as_ptr())
+ ($x:expr) => (
+ ::std::ffi::CString::new($x).unwrap().as_ptr() as *const libc::c_char)
}
macro_rules! string_to_mut_c_chars {
- ($x:expr) => (::std::ffi::CString::new($x).unwrap().into_raw())
+ ($x:expr) => (
+ // Usage of this should ensure deallocation.
+ ::std::ffi::CString::new($x).unwrap().into_raw() as *mut libc::c_char)
}
macro_rules! impl_from {
--
2.17.1
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Attachments:
- signature.asc (application/pgp-signature — 833 bytes)