diff --git a/proxmox-io/src/lib.rs b/proxmox-io/src/lib.rs
index 73de0510..a32c0105 100644
--- a/proxmox-io/src/lib.rs
+++ b/proxmox-io/src/lib.rs
@@ -3,6 +3,8 @@
 //! The [`ReadExt`] trait provides additional operations for handling byte buffers for types
 //! implementing [`Read`](std::io::Read).
+#![deny(unsafe_op_in_unsafe_fn)]
+
 mod read;
 pub use read::ReadExt;
diff --git a/proxmox-io/src/read.rs b/proxmox-io/src/read.rs
index 062615b3..4ad8a65d 100644
--- a/proxmox-io/src/read.rs
+++ b/proxmox-io/src/read.rs
@@ -267,30 +267,34 @@ impl ReadExt for R {
 unsafe fn read_host_value(&mut self) -> io::Result {
 let mut value = std::mem::MaybeUninit::::uninit();
- self.read_exact(std::slice::from_raw_parts_mut(
- value.as_mut_ptr() as *mut u8,
- mem::size_of::(),
- ))?;
- Ok(value.assume_init())
+ unsafe {
+ self.read_exact(std::slice::from_raw_parts_mut(
+ value.as_mut_ptr() as *mut u8,
+ mem::size_of::(),
+ ))?;
+ Ok(value.assume_init())
+ }
 }
 unsafe fn read_le_value(&mut self) -> io::Result {
- Ok(self.read_host_value::()?.from_le())
+ unsafe { Ok(self.read_host_value::()?.from_le()) }
 }
 unsafe fn read_be_value(&mut self) -> io::Result {
- Ok(self.read_host_value::()?.from_be())
+ unsafe { Ok(self.read_host_value::()?.from_be()) }
 }
 unsafe fn read_host_value_boxed(&mut self) -> io::Result> {
 // FIXME: Change this once #![feature(new_uninit)] lands for Box!
- let ptr = std::alloc::alloc(std::alloc::Layout::new::()) as *mut T;
- self.read_exact(std::slice::from_raw_parts_mut(
- ptr as *mut u8,
- mem::size_of::(),
- ))?;
- Ok(Box::from_raw(ptr))
+ unsafe {
+ let ptr = std::alloc::alloc(std::alloc::Layout::new::()) as *mut T;
+ self.read_exact(std::slice::from_raw_parts_mut(
+ ptr as *mut u8,
+ mem::size_of::(),
+ ))?;
+ Ok(Box::from_raw(ptr))
+ }
 }
 fn read_exact_or_eof(&mut self, mut buf: &mut [u8]) -> io::Result {
diff --git a/proxmox-io/src/vec/byte_vec.rs b/proxmox-io/src/vec/byte_vec.rs
index 0c0c899b..e8d1962b 100644
--- a/proxmox-io/src/vec/byte_vec.rs
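Review bot: In `read_host_value_boxed` the pointer returned by `std::alloc::alloc` is used without a null check, the allocation is leaked when `read_exact` fails through `?`, and a zero-sized `T` would make the `alloc` call itself undefined behaviour; wrapping the body in one `unsafe { }` leaves all three in place. The FIXME already points at `Box::new_uninit`, which is stable in recent toolchains (1.82 and later, to be checked against the crate's MSRV) and removes the manual allocation. The sketch below also narrows each `unsafe` block to the one operation that needs it and gives it a `// SAFETY:` comment, and the same narrowing applies to `read_host_value`. Generic parameters are not visible in this rendering of the hunk, so the bound on `T` is assumed.

```rust
// … unchanged: read_host_value_boxed signature …
let mut value = Box::<T>::new_uninit();
// SAFETY: the box owns size_of::<T>() writable bytes and frees them if read_exact
// fails; the bytes are still uninitialized, so this relies on the reader only
// writing to `buf`.
let buf = unsafe {
    std::slice::from_raw_parts_mut(value.as_mut_ptr() as *mut u8, mem::size_of::<T>())
};
self.read_exact(buf)?;
// SAFETY: read_exact filled every byte; the caller vouches that any bit pattern
// is a valid T.
Ok(unsafe { value.assume_init() })
```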
+++ b/proxmox-io/src/vec/byte_vec.rs
@@ -97,7 +97,9 @@ impl ByteVecExt for Vec {
 let old_len = self.len();
 self.reserve(more);
 let total = old_len + more;
- self.set_len(total);
+ unsafe {
+ self.set_len(total);
+ }
 &mut self[old_len..]
 }
@@ -105,7 +107,9 @@ impl ByteVecExt for Vec {
 if new_size <= self.len() {
 self.truncate(new_size);
 } else {
- self.grow_uninitialized(new_size - self.len());
+ unsafe {
+ self.grow_uninitialized(new_size - self.len());
+ }
 }
 }
 }
diff --git a/proxmox-io/src/vec/mod.rs b/proxmox-io/src/vec/mod.rs
index 98dce291..8798025d 100644
--- a/proxmox-io/src/vec/mod.rs
+++ b/proxmox-io/src/vec/mod.rs
@@ -52,8 +52,10 @@ pub use byte_vec::ByteVecExt;
 /// marked as unsafe for good measure.
 #[inline]
 pub unsafe fn uninitialized(len: usize) -> Vec {
- let data = std::alloc::alloc(std::alloc::Layout::array::(len).unwrap());
- Vec::from_raw_parts(data as *mut u8, len, len)
+ unsafe {
+ let data = std::alloc::alloc(std::alloc::Layout::array::(len).unwrap());
+ Vec::from_raw_parts(data as *mut u8, len, len)
+ }
 }
 /// Shortcut to zero out a slice of bytes.
diff --git a/proxmox-io/src/write.rs b/proxmox-io/src/write.rs
index a07a4fbb..f519c057 100644
--- a/proxmox-io/src/write.rs
+++ b/proxmox-io/src/write.rs
@@ -167,17 +167,19 @@ pub trait WriteExt {
 impl WriteExt for W {
 unsafe fn write_host_value(&mut self, value: T) -> io::Result<()> {
- self.write_all(std::slice::from_raw_parts(
- &value as *const T as *const u8,
- std::mem::size_of::(),
- ))
+ unsafe {
+ self.write_all(std::slice::from_raw_parts(
+ &value as *const T as *const u8,
+ std::mem::size_of::(),
+ ))
+ }
 }
 unsafe fn write_le_value(&mut self, value: T) -> io::Result<()> {
- self.write_host_value::(value.to_le())
+ unsafe { self.write_host_value::(value.to_le()) }
 }
 unsafe fn write_be_value(&mut self, value: T) -> io::Result<()> {
- self.write_host_value::(value.to_be())
+ unsafe { self.write_host_value::(value.to_be()) }
 }
 }
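Review bot: The new `unsafe { self.set_len(total); }` block in the first byte_vec.rs hunk has no `// SAFETY:` comment, so the invariant it relies on is left for the reader to reconstruct. I would add `// SAFETY: reserve(more) made capacity >= old_len + more; the new tail is uninitialized and must be written before it is read`. The same applies to the `unsafe { self.grow_uninitialized(...) }` block in the second hunk of this file, where the comment should say that the caller inherits that obligation. Both enclosing functions start outside their hunks, so their signatures and documented contracts are not visible here.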
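Review bot: `uninitialized` still passes the result of `std::alloc::alloc` straight to `Vec::from_raw_parts` without a null check, and for `len == 0` it calls `alloc` with a zero-sized layout, which the allocator contract does not permit. Letting `Vec` do the allocation avoids both: `let mut data = Vec::with_capacity(len);`, then `unsafe { data.set_len(len) };`, then `data`, with a `// SAFETY:` comment saying the contents are uninitialized bytes that must be overwritten before they are read. That also leaves a single unsafe operation in the block instead of the whole body.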
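Review bot: `write_host_value` views `value` as `size_of::<T>()` raw bytes, so if `T` can contain padding the `write_all` call hands uninitialized bytes to the writer, which is undefined behaviour and can disclose stale stack contents in the output. The bound on `T` is not visible in this rendering of the hunk; if it does not already exclude padded types, the trait documentation should state that requirement, and the block should carry `// SAFETY: caller guarantees T has no padding, so all size_of::<T>() bytes of value are initialized`. Only the `from_raw_parts` call needs to sit inside `unsafe`; the `write_all` call can stay outside it.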