Skip to content

Remove unsafe constructs #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hucsmn merged 8 commits into from
Nov 26, 2019
Merged

Remove unsafe constructs #3

hucsmn merged 8 commits into from
Nov 26, 2019

Conversation

@nicoonoclaste
Copy link
Contributor

@nicoonoclaste nicoonoclaste commented Nov 24, 2019
edited by hucsmn
Loading

qbsdiff uses unsafe code in various places to build uninitialised Vec<u8>s with a given size.
Unfortunately, this probably is undefined behaviour, so it should be removed.

  • bsdiff
    • use of unsafe removed;
    • no additional writes or allocations introduced;
    • unlike previously, it is now clear that no data leaks between successive (re)uses of the buffer.
  • bspatch:
    • Context::{buf,dlt} caches are now managed safely.
    • Some overhead is involved as they are initialized with 0-valued bytes when created and resized.
  • unsafe code is now forbidden within the crate.

@nicoonoclaste nicoonoclaste changed the title WiP: Remove unsafe constructs Remove unsafe constructs Nov 25, 2019
@nicoonoclaste
Copy link
Contributor Author

nicoonoclaste commented Nov 25, 2019

@hucsmn This should now be mergeable.
I expect the overhead in bspatch to be very slight, but there is nothing currently in place to measure the crate's performance.

@nicoonoclaste nicoonoclaste mentioned this pull request Nov 25, 2019
Closed
hucsmn
hucsmn reviewed Nov 25, 2019
View reviewed changes
Copy link
Owner

@hucsmn hucsmn left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your commits! Uninitialized vector may lead to UB if elements were readed before initialization. This is a premature optimization indeed, I would like to add some benchmarks later. For now, safe code is better.
Following codes could be simplified:

@nicoonoclaste
Copy link
Contributor Author

nicoonoclaste commented Nov 26, 2019

Done, thanks for the feedback <3

@nicoonoclaste nicoonoclaste mentioned this pull request Nov 26, 2019
Closed
@hucsmn hucsmn merged commit 6cb4a41 into hucsmn:master Nov 26, 2019
@nicoonoclaste nicoonoclaste deleted the safety-dance branch November 26, 2019 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hucsmn hucsmn hucsmn left review comments

+1 more reviewer

@Shnatsel Shnatsel Shnatsel left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nicoonoclaste @Shnatsel @hucsmn