language-servers/slint
1
0
Fork 0
mirror of https://github.com/slint-ui/slint.git synced 2025-09-29 21:34:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Fix soundness hole in FieldOffset

Browse source 
This was cause by the change to allow to create FieldOffset in const constext
because a Fn(T)->U  is not allowed in a const constext.
But we need to be contravariant in T.
This commit is contained in:
Olivier Goffart 2020-05-18 11:02:40 +02:00
parent 07942da4bb
commit 68cea2aeec
1 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

18
helper_crates/const-field-offset/src/lib.rs
View file

@ -23,11 +23,23 @@ pub use const_field_offset_macro::FieldOffsets;
pub struct FieldOffset<T, U>(
/// Offset in bytes of the field within the struct
usize,
// ### Changed from Fn to fn to allow const
// it is fine to be fariant
PhantomData<(*const T, *const U)>,
/// ### Changed from Fn to fn to allow const
/// Should be fn(T)->U, but we can't make that work in const context.
/// So make it invariant in T instead
///
/// ```compile_fail
/// use const_field_offset::FieldOffset;
/// struct Foo<'a>(&'a str);
/// fn test<'a>(foo: &Foo<'a>, of: FieldOffset<Foo<'static>, &'static str>) -> &'static str {
/// let of2 : FieldOffset<Foo<'a>, &'static str> = of; // This must not compile
/// of2.apply(foo)
/// }
/// ```
PhantomData<(*mut T, *const U)>,
);
unsafe impl<T, U> Send for FieldOffset<T, U> {}
impl<T, U> FieldOffset<T, U> {
// Use MaybeUninit to get a fake T
#[cfg(fieldoffset_maybe_uninit)]