Public API of pact_ffi exposes UB to safe code #148

Closed
dtolnay opened this issue Sep 19, 2021 · 2 comments
dtolnay commented Sep 19, 2021

For example, the following safe program leads to pact_ffi performing Undefined Behavior:

```rust
// [dependencies]
// log = "0.4"
// pact_ffi = "0.0.2"

fn main() {
    pact_ffi::log::pactffi_logger_attach_sink(
        0xdeadbeefusize as _,
        log::LevelFilter::Off.into(),
    );
}
```

```
Segmentation fault (core dumped)
```

In general it is unsound for a safe API to result in UB.

@mefellows
Member

Looking at that method definition I think it should be marked as unsafe. I'm not sure why Rust doesn't automatically mark a function as unsafe if it uses an unsafe method, so perhaps I'm wrong about it.

@TimothyJones

I agree, it would be ideal to have this correctly reported.

In practice, it might not matter, because the ffi methods are an external interface for tooling that isn't in Rust, where Rust's concept of safety won't apply anyway.
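The soundness rule this thread turns on, as an added example (not pact_ffi's code and not written by any participant): an `unsafe` block inside a safe function is the author's claim that every possible argument is handled without UB, so a function that dereferences a caller-supplied raw pointer has to be `unsafe fn` with a stated contract, or take a type that already guarantees validity. The function names, return codes and sink names below are hypothetical.

```rust
use std::ffi::{c_char, CStr, CString};

// UNSOUND shape (the pattern the issue reports), shown as a comment only:
//
//   pub extern "C" fn attach_sink_raw(spec: *const c_char) -> i32 {
//       let spec = unsafe { CStr::from_ptr(spec) }; // safe callers can pass any address
//       ...
//   }

/// Sound shape 1: the raw-pointer entry point for C callers is `unsafe`.
///
/// # Safety
/// `spec` must be null or point to a valid NUL-terminated string that
/// stays alive for the duration of the call.
pub unsafe extern "C" fn attach_sink_raw(spec: *const c_char) -> i32 {
    if spec.is_null() {
        return -1; // null is the only bad pointer value that can be detected
    }
    // SAFETY: non-null was checked above; validity of the pointee is the
    // caller's obligation under the contract documented on this function.
    let spec = unsafe { CStr::from_ptr(spec) };
    attach_sink(spec)
}

/// Sound shape 2: a safe API for Rust callers. `&CStr` cannot be built from
/// an arbitrary integer in safe code, so no argument can cause UB.
pub fn attach_sink(spec: &CStr) -> i32 {
    match spec.to_str() {
        Ok("stdout") | Ok("stderr") => 0, // constructed sink names
        Ok(_) => -2,                      // unknown sink
        Err(_) => -3,                     // not valid UTF-8
    }
}

fn main() {
    let spec = CString::new("stdout").unwrap();
    // SAFETY: `spec` is a live, NUL-terminated CString owned by this frame.
    let rc = unsafe { attach_sink_raw(spec.as_ptr()) };
    println!("raw call: {rc}, safe call: {}", attach_sink(&spec));
}
```

With the entry point marked `unsafe`, the reproducer from the first comment no longer compiles without an `unsafe` block at the call site, which moves the pointer-validity obligation to the caller.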
