summaryrefslogtreecommitdiff
path: root/src/rust/protover/ffi.rs
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2018-02-08 17:26:26 -0500
committerNick Mathewson <nickm@torproject.org>2018-02-08 17:29:50 -0500
commitd8307cb0e99d28daa4011e4e9d94e3f8c56cba23 (patch)
tree4e82d15238612f136a7b07425393722401b8ca8d /src/rust/protover/ffi.rs
parent8d142e2322398a799a9554daf566b6fd856d7dd8 (diff)
downloadtor-d8307cb0e99d28daa4011e4e9d94e3f8c56cba23.tar.gz
tor-d8307cb0e99d28daa4011e4e9d94e3f8c56cba23.zip
Remove new unsafe {} use.
Rationale: this helps for performance only, but we don't actually have any reason to think that the checks here are performance-critical. Let's not normalize the use of unsafe {}.
Diffstat (limited to 'src/rust/protover/ffi.rs')
-rw-r--r--src/rust/protover/ffi.rs12
1 files changed, 4 insertions, 8 deletions
diff --git a/src/rust/protover/ffi.rs b/src/rust/protover/ffi.rs
index 5519b75ea4..d724c102d3 100644
--- a/src/rust/protover/ffi.rs
+++ b/src/rust/protover/ffi.rs
@@ -149,13 +149,11 @@ pub extern "C" fn protover_get_supported_protocols() -> *const c_char {
// programming error.
assert!(byte_slice_is_c_like(SUPPORTED_PROTOCOLS));
- // It's okay to call the "unchecked" version of the function because
+ // It's okay to unwrap the result of this function because
// we can see that the bytes we're passing into it 1) are valid UTF-8,
// 2) have no intermediate NUL bytes, and 3) are terminated with a NUL
// byte.
- unsafe {
- supported = CStr::from_bytes_with_nul_unchecked(SUPPORTED_PROTOCOLS);
- }
+ supported = CStr::from_bytes_with_nul(SUPPORTED_PROTOCOLS).unwrap();
supported.as_ptr()
}
@@ -230,13 +228,11 @@ pub extern "C" fn protover_compute_for_old_tor(version: *const c_char) -> *const
// programming error.
assert!(byte_slice_is_c_like(elder_protocols));
- // It's okay to call the "unchecked" version of the function because
+ // It's okay to unwrap the result of this function because
// we can see that the bytes we're passing into it 1) are valid UTF-8,
// 2) have no intermediate NUL bytes, and 3) are terminated with a NUL
// byte.
- unsafe {
- supported = CStr::from_bytes_with_nul_unchecked(elder_protocols);
- }
+ supported = CStr::from_bytes_with_nul(elder_protocols).unwrap();
supported.as_ptr()
}