Remove uses of `mem::uninitialized`

According to [the docs](https://doc.rust-lang.org/stable/std/mem/fn.uninitialized.html),

> Calling this when the content is not yet fully initialized causes immediate undefined behavior.
> it [is] undefined behavior to have uninitialized data in a variable even if that variable has an integer type.

Using MaybeUninit instead, as recommended by the official documentation, avoids undefined behavior by not creating a `&mut` reference to uninitialized data.
This commit is contained in:
Joshua Nelson 2022-09-07 10:10:16 -05:00 committed by Joshua Nelson
parent 3841e626ae
commit 774e721ad9
4 changed files with 56 additions and 55 deletions


@ -39,7 +39,8 @@
//! //!
use crate::ffi; use crate::ffi;
use libc::{c_int, c_uint, size_t}; use libc::{c_int, c_uint, size_t};
use std::{mem, ptr}; use std::mem::MaybeUninit;
use std::ptr;
/// Provides Error handling for parsing keys. /// Provides Error handling for parsing keys.
#[derive(Debug)] #[derive(Debug)]
@ -59,14 +60,14 @@ impl AesKey {
unsafe { unsafe {
assert!(key.len() <= c_int::max_value() as usize / 8); assert!(key.len() <= c_int::max_value() as usize / 8);
let mut aes_key = mem::uninitialized(); let mut aes_key = MaybeUninit::uninit();
let r = ffi::AES_set_encrypt_key( let r = ffi::AES_set_encrypt_key(
key.as_ptr() as *const _, key.as_ptr() as *const _,
key.len() as c_uint * 8, key.len() as c_uint * 8,
&mut aes_key, aes_key.as_mut_ptr(),
); );
if r == 0 { if r == 0 {
Ok(AesKey(aes_key)) Ok(AesKey(aes_key.assume_init()))
} else { } else {
Err(KeyError(())) Err(KeyError(()))
} }
@ -83,15 +84,15 @@ impl AesKey {
unsafe { unsafe {
assert!(key.len() <= c_int::max_value() as usize / 8); assert!(key.len() <= c_int::max_value() as usize / 8);
let mut aes_key = mem::uninitialized(); let mut aes_key = MaybeUninit::uninit();
let r = ffi::AES_set_decrypt_key( let r = ffi::AES_set_decrypt_key(
key.as_ptr() as *const _, key.as_ptr() as *const _,
key.len() as c_uint * 8, key.len() as c_uint * 8,
&mut aes_key, aes_key.as_mut_ptr(),
); );
if r == 0 { if r == 0 {
Ok(AesKey(aes_key)) Ok(AesKey(aes_key.assume_init()))
} else { } else {
Err(KeyError(())) Err(KeyError(()))
} }
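Review bot: The new `aes_key.assume_init()` on the `r == 0` branch, here and in the `AES_set_decrypt_key` hunk below, has no `// SAFETY:` comment saying why it is sound, and that soundness argument is the whole substance of the change. I would add `// SAFETY: AES_set_encrypt_key returns 0 only after it has written the full AES_KEY schedule, so the value is initialized on this branch.` above `Ok(AesKey(aes_key.assume_init()))` (with the decrypt name in the second hunk). It is also worth a word that the `Err` branch never reads `aes_key`; `MaybeUninit` runs no destructor, so the possibly-uninitialized buffer is discarded safely. Both enclosing functions start above their hunks, so the signature and the key-length contract are not visible here.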


@ -45,7 +45,7 @@
//! ``` //! ```
use crate::ffi; use crate::ffi;
use libc::c_void; use libc::c_void;
use std::mem; use std::mem::MaybeUninit;
/// Computes the SHA1 hash of some data. /// Computes the SHA1 hash of some data.
/// ///
@ -57,9 +57,9 @@ use std::mem;
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn sha1(data: &[u8]) -> [u8; 20] { pub fn sha1(data: &[u8]) -> [u8; 20] {
unsafe { unsafe {
let mut hash: [u8; 20] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 20]> = MaybeUninit::uninit();
ffi::SHA1(data.as_ptr(), data.len(), hash.as_mut_ptr()); ffi::SHA1(data.as_ptr(), data.len(), hash.as_mut_ptr().cast());
hash hash.assume_init()
} }
} }
@ -68,9 +68,9 @@ pub fn sha1(data: &[u8]) -> [u8; 20] {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn sha224(data: &[u8]) -> [u8; 28] { pub fn sha224(data: &[u8]) -> [u8; 28] {
unsafe { unsafe {
let mut hash: [u8; 28] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 28]> = MaybeUninit::uninit();
ffi::SHA224(data.as_ptr(), data.len(), hash.as_mut_ptr()); ffi::SHA224(data.as_ptr(), data.len(), hash.as_mut_ptr().cast());
hash hash.assume_init()
} }
} }
@ -79,9 +79,9 @@ pub fn sha224(data: &[u8]) -> [u8; 28] {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn sha256(data: &[u8]) -> [u8; 32] { pub fn sha256(data: &[u8]) -> [u8; 32] {
unsafe { unsafe {
let mut hash: [u8; 32] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 32]> = MaybeUninit::uninit();
ffi::SHA256(data.as_ptr(), data.len(), hash.as_mut_ptr()); ffi::SHA256(data.as_ptr(), data.len(), hash.as_mut_ptr().cast());
hash hash.assume_init()
} }
} }
@ -90,9 +90,9 @@ pub fn sha256(data: &[u8]) -> [u8; 32] {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn sha384(data: &[u8]) -> [u8; 48] { pub fn sha384(data: &[u8]) -> [u8; 48] {
unsafe { unsafe {
let mut hash: [u8; 48] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 48]> = MaybeUninit::uninit();
ffi::SHA384(data.as_ptr(), data.len(), hash.as_mut_ptr()); ffi::SHA384(data.as_ptr(), data.len(), hash.as_mut_ptr().cast());
hash hash.assume_init()
} }
} }
@ -101,9 +101,9 @@ pub fn sha384(data: &[u8]) -> [u8; 48] {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn sha512(data: &[u8]) -> [u8; 64] { pub fn sha512(data: &[u8]) -> [u8; 64] {
unsafe { unsafe {
let mut hash: [u8; 64] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 64]> = MaybeUninit::uninit();
ffi::SHA512(data.as_ptr(), data.len(), hash.as_mut_ptr()); ffi::SHA512(data.as_ptr(), data.len(), hash.as_mut_ptr().cast());
hash hash.assume_init()
} }
} }
@ -129,9 +129,9 @@ impl Sha1 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn new() -> Sha1 { pub fn new() -> Sha1 {
unsafe { unsafe {
let mut ctx = mem::uninitialized(); let mut ctx = MaybeUninit::uninit();
ffi::SHA1_Init(&mut ctx); ffi::SHA1_Init(ctx.as_mut_ptr());
Sha1(ctx) Sha1(ctx.assume_init())
} }
} }
@ -150,9 +150,9 @@ impl Sha1 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn finish(mut self) -> [u8; 20] { pub fn finish(mut self) -> [u8; 20] {
unsafe { unsafe {
let mut hash: [u8; 20] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 20]> = MaybeUninit::uninit();
ffi::SHA1_Final(hash.as_mut_ptr(), &mut self.0); ffi::SHA1_Final(hash.as_mut_ptr().cast(), &mut self.0);
hash hash.assume_init()
} }
} }
} }
@ -174,9 +174,9 @@ impl Sha224 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn new() -> Sha224 { pub fn new() -> Sha224 {
unsafe { unsafe {
let mut ctx = mem::uninitialized(); let mut ctx = MaybeUninit::uninit();
ffi::SHA224_Init(&mut ctx); ffi::SHA224_Init(ctx.as_mut_ptr());
Sha224(ctx) Sha224(ctx.assume_init())
} }
} }
@ -195,9 +195,9 @@ impl Sha224 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn finish(mut self) -> [u8; 28] { pub fn finish(mut self) -> [u8; 28] {
unsafe { unsafe {
let mut hash: [u8; 28] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 28]> = MaybeUninit::uninit();
ffi::SHA224_Final(hash.as_mut_ptr(), &mut self.0); ffi::SHA224_Final(hash.as_mut_ptr().cast(), &mut self.0);
hash hash.assume_init()
} }
} }
} }
@ -219,9 +219,9 @@ impl Sha256 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn new() -> Sha256 { pub fn new() -> Sha256 {
unsafe { unsafe {
let mut ctx = mem::uninitialized(); let mut ctx = MaybeUninit::uninit();
ffi::SHA256_Init(&mut ctx); ffi::SHA256_Init(ctx.as_mut_ptr());
Sha256(ctx) Sha256(ctx.assume_init())
} }
} }
@ -240,9 +240,9 @@ impl Sha256 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn finish(mut self) -> [u8; 32] { pub fn finish(mut self) -> [u8; 32] {
unsafe { unsafe {
let mut hash: [u8; 32] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 32]> = MaybeUninit::uninit();
ffi::SHA256_Final(hash.as_mut_ptr(), &mut self.0); ffi::SHA256_Final(hash.as_mut_ptr().cast(), &mut self.0);
hash hash.assume_init()
} }
} }
} }
@ -264,9 +264,9 @@ impl Sha384 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn new() -> Sha384 { pub fn new() -> Sha384 {
unsafe { unsafe {
let mut ctx = mem::uninitialized(); let mut ctx = MaybeUninit::uninit();
ffi::SHA384_Init(&mut ctx); ffi::SHA384_Init(ctx.as_mut_ptr());
Sha384(ctx) Sha384(ctx.assume_init())
} }
} }
@ -285,9 +285,9 @@ impl Sha384 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn finish(mut self) -> [u8; 48] { pub fn finish(mut self) -> [u8; 48] {
unsafe { unsafe {
let mut hash: [u8; 48] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 48]> = MaybeUninit::uninit();
ffi::SHA384_Final(hash.as_mut_ptr(), &mut self.0); ffi::SHA384_Final(hash.as_mut_ptr().cast(), &mut self.0);
hash hash.assume_init()
} }
} }
} }
@ -309,9 +309,9 @@ impl Sha512 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn new() -> Sha512 { pub fn new() -> Sha512 {
unsafe { unsafe {
let mut ctx = mem::uninitialized(); let mut ctx = MaybeUninit::uninit();
ffi::SHA512_Init(&mut ctx); ffi::SHA512_Init(ctx.as_mut_ptr());
Sha512(ctx) Sha512(ctx.assume_init())
} }
} }
@ -330,9 +330,9 @@ impl Sha512 {
#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566 #[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566
pub fn finish(mut self) -> [u8; 64] { pub fn finish(mut self) -> [u8; 64] {
unsafe { unsafe {
let mut hash: [u8; 64] = mem::uninitialized(); let mut hash: MaybeUninit<[u8; 64]> = MaybeUninit::uninit();
ffi::SHA512_Final(hash.as_mut_ptr(), &mut self.0); ffi::SHA512_Final(hash.as_mut_ptr().cast(), &mut self.0);
hash hash.assume_init()
} }
} }
} }
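Review bot: Every hunk in this file keeps `#[allow(deprecated)] // https://github.com/rust-lang/rust/issues/63566` even though the `mem::uninitialized` call that attribute was silencing has been removed from each body; if nothing else deprecated is used in these functions, the attribute is now stale and will hide any future deprecation of the `ffi::SHA*` bindings it covers. I would drop the attribute and its comment on `sha1` through `sha512` and on every `new`/`finish` method and let the compiler confirm nothing else needs it. Separately, the `ctx.assume_init()` after `ffi::SHA1_Init(ctx.as_mut_ptr())` (same in the other `*_Init` hunks) depends on the init call writing the whole context while its return value is ignored; a line such as `// SAFETY: SHA1_Init writes every field of the context before returning.` would make that dependency explicit, presuming that matches the OpenSSL contract. The `new`/`finish` hunks sit inside `impl` blocks whose headers are outside the hunks.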


@ -200,7 +200,7 @@ unsafe extern "C" fn destroy<S>(bio: *mut BIO) -> c_int {
let data = BIO_get_data(bio); let data = BIO_get_data(bio);
if !data.is_null() { if !data.is_null() {
Box::<StreamState<S>>::from_raw(data as *mut _); drop(Box::<StreamState<S>>::from_raw(data as *mut _));
BIO_set_data(bio, ptr::null_mut()); BIO_set_data(bio, ptr::null_mut());
} }
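Review bot: The new `drop(Box::<StreamState<S>>::from_raw(data as *mut _))` line carries no comment tying the reclaimed pointer to the `Box::into_raw` that must have produced it, and that pairing lives outside this hunk; `from_raw` is only sound for a pointer that came from a `Box` of the same type. I would add `// SAFETY: data was stored via Box::into_raw when this BIO was created (presumably in the constructor, not shown); it is dropped here exactly once.` above the line. The following `BIO_set_data(bio, ptr::null_mut())` is what prevents a second `destroy` call from freeing the same box again, and deserves a brief why-comment of its own. The `free_data_box<T>` hunk in the last file has the same shape and would take the same kind of comment; `destroy` itself starts and ends outside this hunk.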


@ -422,7 +422,7 @@ unsafe extern "C" fn free_data_box<T>(
_argp: *mut c_void, _argp: *mut c_void,
) { ) {
if !ptr.is_null() { if !ptr.is_null() {
Box::<T>::from_raw(ptr as *mut T); drop(Box::<T>::from_raw(ptr as *mut T));
} }
} }