Skip to content

Commit 9202fbd

Browse files
cuvipercuviper
committed
Check for exhaustion in SliceIndex for RangeInclusive
1 parent 9fd79a3 commit 9202fbd

File tree

5 files changed

+85
-20
lines changed

5 files changed

+85
-20
lines changed

library/alloc/tests/str.rs

+29
Original file line numberDiff line numberDiff line change
@@ -529,6 +529,13 @@ mod slice_index {
529529
message: "out of bounds";
530530
}
531531

532+
in mod rangeinclusive_len {
533+
data: "abcdef";
534+
good: data[0..=5] == "abcdef";
535+
bad: data[0..=6];
536+
message: "out of bounds";
537+
}
538+
532539
in mod range_len_len {
533540
data: "abcdef";
534541
good: data[6..6] == "";
@@ -544,6 +551,28 @@ mod slice_index {
544551
}
545552
}
546553

554+
panic_cases! {
555+
in mod rangeinclusive_exhausted {
556+
data: "abcdef";
557+
558+
good: data[0..=5] == "abcdef";
559+
good: data[{
560+
let mut iter = 0..=5;
561+
iter.by_ref().count(); // exhaust it
562+
iter
563+
}] == "";
564+
565+
// 0..=6 is out of bounds before exhaustion, so it
566+
// stands to reason that it still would be after.
567+
bad: data[{
568+
let mut iter = 0..=6;
569+
iter.by_ref().count(); // exhaust it
570+
iter
571+
}];
572+
message: "out of bounds";
573+
}
574+
}
575+
547576
panic_cases! {
548577
in mod range_neg_width {
549578
data: "abcdef";

library/core/src/ops/range.rs

+14
Original file line numberDiff line numberDiff line change
@@ -446,6 +446,20 @@ impl<Idx> RangeInclusive<Idx> {
446446
}
447447
}
448448

449+
impl RangeInclusive<usize> {
450+
/// Converts to an exclusive `Range` for `SliceIndex` implementations.
451+
/// The caller is responsible for dealing with `end == usize::MAX`.
452+
#[inline]
453+
pub(crate) fn into_slice_range(self) -> Range<usize> {
454+
// If we're not exhausted, we want to simply slice `start..end + 1`.
455+
// If we are exhausted, then slicing with `end + 1..end + 1` gives us an
456+
// empty range that is still subject to bounds-checks for that endpoint.
457+
let exclusive_end = self.end + 1;
458+
let start = if self.exhausted { exclusive_end } else { self.start };
459+
start..exclusive_end
460+
}
461+
}
462+
449463
#[stable(feature = "inclusive_range", since = "1.26.0")]
450464
impl<Idx: fmt::Debug> fmt::Debug for RangeInclusive<Idx> {
451465
fn fmt(&self, fmt: &mut fmt::Formatter<'_>) -> fmt::Result {

library/core/src/slice/index.rs

+6-10
Original file line numberDiff line numberDiff line change
@@ -376,44 +376,40 @@ unsafe impl<T> SliceIndex<[T]> for ops::RangeInclusive<usize> {
376376

377377
#[inline]
378378
fn get(self, slice: &[T]) -> Option<&[T]> {
379-
if *self.end() == usize::MAX { None } else { (*self.start()..self.end() + 1).get(slice) }
379+
if *self.end() == usize::MAX { None } else { self.into_slice_range().get(slice) }
380380
}
381381

382382
#[inline]
383383
fn get_mut(self, slice: &mut [T]) -> Option<&mut [T]> {
384-
if *self.end() == usize::MAX {
385-
None
386-
} else {
387-
(*self.start()..self.end() + 1).get_mut(slice)
388-
}
384+
if *self.end() == usize::MAX { None } else { self.into_slice_range().get_mut(slice) }
389385
}
390386

391387
#[inline]
392388
unsafe fn get_unchecked(self, slice: *const [T]) -> *const [T] {
393389
// SAFETY: the caller has to uphold the safety contract for `get_unchecked`.
394-
unsafe { (*self.start()..self.end() + 1).get_unchecked(slice) }
390+
unsafe { self.into_slice_range().get_unchecked(slice) }
395391
}
396392

397393
#[inline]
398394
unsafe fn get_unchecked_mut(self, slice: *mut [T]) -> *mut [T] {
399395
// SAFETY: the caller has to uphold the safety contract for `get_unchecked_mut`.
400-
unsafe { (*self.start()..self.end() + 1).get_unchecked_mut(slice) }
396+
unsafe { self.into_slice_range().get_unchecked_mut(slice) }
401397
}
402398

403399
#[inline]
404400
fn index(self, slice: &[T]) -> &[T] {
405401
if *self.end() == usize::MAX {
406402
slice_end_index_overflow_fail();
407403
}
408-
(*self.start()..self.end() + 1).index(slice)
404+
self.into_slice_range().index(slice)
409405
}
410406

411407
#[inline]
412408
fn index_mut(self, slice: &mut [T]) -> &mut [T] {
413409
if *self.end() == usize::MAX {
414410
slice_end_index_overflow_fail();
415411
}
416-
(*self.start()..self.end() + 1).index_mut(slice)
412+
self.into_slice_range().index_mut(slice)
417413
}
418414
}
419415

library/core/src/str/traits.rs

+6-10
Original file line numberDiff line numberDiff line change
@@ -398,39 +398,35 @@ unsafe impl SliceIndex<str> for ops::RangeInclusive<usize> {
398398
type Output = str;
399399
#[inline]
400400
fn get(self, slice: &str) -> Option<&Self::Output> {
401-
if *self.end() == usize::MAX { None } else { (*self.start()..self.end() + 1).get(slice) }
401+
if *self.end() == usize::MAX { None } else { self.into_slice_range().get(slice) }
402402
}
403403
#[inline]
404404
fn get_mut(self, slice: &mut str) -> Option<&mut Self::Output> {
405-
if *self.end() == usize::MAX {
406-
None
407-
} else {
408-
(*self.start()..self.end() + 1).get_mut(slice)
409-
}
405+
if *self.end() == usize::MAX { None } else { self.into_slice_range().get_mut(slice) }
410406
}
411407
#[inline]
412408
unsafe fn get_unchecked(self, slice: *const str) -> *const Self::Output {
413409
// SAFETY: the caller must uphold the safety contract for `get_unchecked`.
414-
unsafe { (*self.start()..self.end() + 1).get_unchecked(slice) }
410+
unsafe { self.into_slice_range().get_unchecked(slice) }
415411
}
416412
#[inline]
417413
unsafe fn get_unchecked_mut(self, slice: *mut str) -> *mut Self::Output {
418414
// SAFETY: the caller must uphold the safety contract for `get_unchecked_mut`.
419-
unsafe { (*self.start()..self.end() + 1).get_unchecked_mut(slice) }
415+
unsafe { self.into_slice_range().get_unchecked_mut(slice) }
420416
}
421417
#[inline]
422418
fn index(self, slice: &str) -> &Self::Output {
423419
if *self.end() == usize::MAX {
424420
str_index_overflow_fail();
425421
}
426-
(*self.start()..self.end() + 1).index(slice)
422+
self.into_slice_range().index(slice)
427423
}
428424
#[inline]
429425
fn index_mut(self, slice: &mut str) -> &mut Self::Output {
430426
if *self.end() == usize::MAX {
431427
str_index_overflow_fail();
432428
}
433-
(*self.start()..self.end() + 1).index_mut(slice)
429+
self.into_slice_range().index_mut(slice)
434430
}
435431
}
436432

library/core/tests/slice.rs

+30
Original file line numberDiff line numberDiff line change
@@ -1341,6 +1341,14 @@ mod slice_index {
13411341
message: "out of range";
13421342
}
13431343

1344+
in mod rangeinclusive_len {
1345+
data: [0, 1, 2, 3, 4, 5];
1346+
1347+
good: data[0..=5] == [0, 1, 2, 3, 4, 5];
1348+
bad: data[0..=6];
1349+
message: "out of range";
1350+
}
1351+
13441352
in mod range_len_len {
13451353
data: [0, 1, 2, 3, 4, 5];
13461354

@@ -1358,6 +1366,28 @@ mod slice_index {
13581366
}
13591367
}
13601368

1369+
panic_cases! {
1370+
in mod rangeinclusive_exhausted {
1371+
data: [0, 1, 2, 3, 4, 5];
1372+
1373+
good: data[0..=5] == [0, 1, 2, 3, 4, 5];
1374+
good: data[{
1375+
let mut iter = 0..=5;
1376+
iter.by_ref().count(); // exhaust it
1377+
iter
1378+
}] == [];
1379+
1380+
// 0..=6 is out of range before exhaustion, so it
1381+
// stands to reason that it still would be after.
1382+
bad: data[{
1383+
let mut iter = 0..=6;
1384+
iter.by_ref().count(); // exhaust it
1385+
iter
1386+
}];
1387+
message: "out of range";
1388+
}
1389+
}
1390+
13611391
panic_cases! {
13621392
in mod range_neg_width {
13631393
data: [0, 1, 2, 3, 4, 5];

0 commit comments

Comments
 (0)