
Commit 4de4a2e

Fix invariant for Iter/IterMut
1 parent 5103841 commit 4de4a2e

1 file changed

+9
-10
lines changed


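--- a/library/core/src/slice/iter.rs
+++ b/library/core/src/slice/iter.rs
@@ -165,16 +165,15 @@ impl<T> Invariant for Iter<'_, T> {
 /// An iterator can be safely used if its pointer can be read for its current length.
 ///
 /// If the type is a ZST or the encoded length is `0`, the only safety requirement is that
-/// its pointer is aligned (since zero-size access is always safe for aligned pointers),
-/// and that `self.ptr` value is less or equal to `self.end_or_len`.
+/// its pointer is aligned (since zero-size access is always safe for aligned pointers).
 ///
 /// For other cases, we need to ensure that it is safe to read the memory between
 /// `self.ptr` and `self.end_or_len`.
 fn is_safe(&self) -> bool {
 let ty_size = crate::mem::size_of::<T>();
 let distance = self.ptr.addr().get().abs_diff(self.end_or_len as usize);
 if ty_size == 0 || distance == 0 {
-self.ptr.is_aligned() && self.ptr.addr().get() <= self.end_or_len as usize
+self.ptr.is_aligned()
 } else {
 let slice_ptr: *const [T] =
 crate::ptr::from_raw_parts(self.ptr.as_ptr(), distance / ty_size);
@@ -232,16 +231,16 @@ impl<T> Invariant for IterMut<'_, T> {
 /// It must be safe to write in the memory interval between `self.ptr`
 /// and `self.end_or_len`.
 fn is_safe(&self) -> bool {
-let size = crate::mem::size_of::<T>();
-if size == 0 {
-self.ptr.is_aligned() && self.ptr.addr().get() <= self.end_or_len as usize
+let ty_size = crate::mem::size_of::<T>();
+let distance = self.ptr.addr().get().abs_diff(self.end_or_len as usize);
+if ty_size == 0 || distance == 0 {
+self.ptr.is_aligned()
 } else {
-let distance = self.ptr.addr().get().abs_diff(self.end_or_len as usize);
-let slice_ptr: *mut [T] =
-crate::ptr::from_raw_parts_mut(self.ptr.as_ptr(), distance / size);
+let slice_ptr: *const [T] =
+crate::ptr::from_raw_parts(self.ptr.as_ptr(), distance / ty_size);
 crate::ub_checks::same_allocation(self.ptr.as_ptr(), self.end_or_len)
 && self.ptr.addr().get() <= self.end_or_len as usize
-&& distance % size == 0
+&& distance % ty_size == 0
 && crate::ub_checks::can_dereference(slice_ptr)
 && crate::ub_checks::can_write(slice_ptr)
 }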
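Review bot: In the IterMut hunk, `slice_ptr` is now built as a `*const [T]` through `crate::ptr::from_raw_parts`, yet two lines later it is still passed to `crate::ub_checks::can_write(slice_ptr)`; if `can_write` takes a `*mut` pointer this will not compile, and even if it accepts `*const`, constructing a const raw slice to check write capability on a mutable iterator obscures the intent. Keeping the previous mutable form with only the divisor renamed, `let slice_ptr: *mut [T] = crate::ptr::from_raw_parts_mut(self.ptr.as_ptr(), distance / ty_size);`, would make the write check read as intended. The doc comment above IterMut's `is_safe` also still describes only the non-empty interval, whereas the Iter docs in the first hunk were updated to state that a ZST or a zero encoded length requires only an aligned `self.ptr`; adding that same sentence to the IterMut docs would keep the two invariants documented consistently. Both `is_safe` bodies continue past their hunks, so the remainder of each function is not visible here.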
