From d8307cb0e99d28daa4011e4e9d94e3f8c56cba23 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 8 Feb 2018 17:26:26 -0500 Subject: Remove new unsafe {} use. Rationale: this helps for performance only, but we don't actually have any reason to think that the checks here are performance-critical. Let's not normalize the use of unsafe {}. --- src/rust/protover/ffi.rs | 12 ++++-------- src/rust/protover/protover.rs | 9 +++++---- 2 files changed, 9 insertions(+), 12 deletions(-) (limited to 'src/rust/protover') diff --git a/src/rust/protover/ffi.rs b/src/rust/protover/ffi.rs index 5519b75ea4..d724c102d3 100644 --- a/src/rust/protover/ffi.rs +++ b/src/rust/protover/ffi.rs @@ -149,13 +149,11 @@ pub extern "C" fn protover_get_supported_protocols() -> *const c_char { // programming error. assert!(byte_slice_is_c_like(SUPPORTED_PROTOCOLS)); - // It's okay to call the "unchecked" version of the function because + // It's okay to unwrap the result of this function because // we can see that the bytes we're passing into it 1) are valid UTF-8, // 2) have no intermediate NUL bytes, and 3) are terminated with a NUL // byte. - unsafe { - supported = CStr::from_bytes_with_nul_unchecked(SUPPORTED_PROTOCOLS); - } + supported = CStr::from_bytes_with_nul(SUPPORTED_PROTOCOLS).unwrap(); supported.as_ptr() } @@ -230,13 +228,11 @@ pub extern "C" fn protover_compute_for_old_tor(version: *const c_char) -> *const // programming error. assert!(byte_slice_is_c_like(elder_protocols)); - // It's okay to call the "unchecked" version of the function because + // It's okay to unwrap the result of this function because // we can see that the bytes we're passing into it 1) are valid UTF-8, // 2) have no intermediate NUL bytes, and 3) are terminated with a NUL // byte. - unsafe { - supported = CStr::from_bytes_with_nul_unchecked(elder_protocols); - } + supported = CStr::from_bytes_with_nul(elder_protocols).unwrap(); supported.as_ptr() } diff --git a/src/rust/protover/protover.rs b/src/rust/protover/protover.rs index 1680d3394e..f3a5ea23ef 100644 --- a/src/rust/protover/protover.rs +++ b/src/rust/protover/protover.rs @@ -106,10 +106,11 @@ impl FromStr for Proto { /// "HSDir=1-1 LinkAuth=1" /// pub fn get_supported_protocols() -> &'static str { - unsafe { - // The `len() - 1` is to remove the NUL byte. - str::from_utf8_unchecked(&SUPPORTED_PROTOCOLS[..SUPPORTED_PROTOCOLS.len() - 1]) - } + // The `len() - 1` is to remove the NUL byte. + // The `unwrap` is safe becauase we SUPPORTED_PROTOCOLS is under + // our control. + str::from_utf8(&SUPPORTED_PROTOCOLS[..SUPPORTED_PROTOCOLS.len() - 1]) + .unwrap() } /// Translates a vector representation of a protocol list into a HashMap -- cgit v1.2.3-54-g00ecf