diff --git a/src/buf/buf_mut.rs b/src/buf/buf_mut.rs index 844474fb9..bf33fe635 100644 --- a/src/buf/buf_mut.rs +++ b/src/buf/buf_mut.rs @@ -33,6 +33,10 @@ pub unsafe trait BufMut { /// This value is greater than or equal to the length of the slice returned /// by `chunk_mut()`. /// + /// Writing to a `BufMut` may involve allocating more memory on the fly. + /// Implementations may fail before reaching the number of bytes indicated + /// by this method if they encounter an allocation failure. + /// /// # Examples /// /// ``` @@ -158,6 +162,9 @@ pub unsafe trait BufMut { /// `chunk_mut()` returning an empty slice implies that `remaining_mut()` will /// return 0 and `remaining_mut()` returning 0 implies that `chunk_mut()` will /// return an empty slice. + /// + /// This function may trigger an out-of-memory abort if it tries to allocate + /// memory and fails to do so. // The `chunk_mut` method was previously called `bytes_mut`. This alias makes the // rename more easily discoverable. #[cfg_attr(docsrs, doc(alias = "bytes_mut"))] @@ -1025,7 +1032,8 @@ unsafe impl BufMut for &mut [u8] { unsafe impl BufMut for Vec { #[inline] fn remaining_mut(&self) -> usize { - usize::MAX - self.len() + // A vector can never have more than isize::MAX bytes + core::isize::MAX as usize - self.len() } #[inline] diff --git a/tests/test_buf_mut.rs b/tests/test_buf_mut.rs index b85ab9c67..f63198226 100644 --- a/tests/test_buf_mut.rs +++ b/tests/test_buf_mut.rs @@ -9,7 +9,7 @@ use core::usize; fn test_vec_as_mut_buf() { let mut buf = Vec::with_capacity(64); - assert_eq!(buf.remaining_mut(), usize::MAX); + assert_eq!(buf.remaining_mut(), isize::MAX as usize); assert!(buf.chunk_mut().len() >= 64); @@ -17,7 +17,7 @@ fn test_vec_as_mut_buf() { assert_eq!(&buf, b"zomg"); - assert_eq!(buf.remaining_mut(), usize::MAX - 4); + assert_eq!(buf.remaining_mut(), isize::MAX as usize - 4); assert_eq!(buf.capacity(), 64); for _ in 0..16 {