Rollup merge of #60902 - sfackler:fix-error-soudness, r=alexcrichton

Prevent Error::type_id overrides

type_id now takes an argument that can't be named outside of the
std::error module, which prevents any implementations from overriding
it. It's a pretty grody solution, and there's no way we can stabilize
the method with this API, but it avoids the soudness issue!

Closes #60784

r? @alexcrichton

1 files changed, 10 insertions, 2 deletions

diff --git a/src/libstd/error.rs b/src/libstd/error.rs
index 7cb830e751a..62282006a40 100644
--- a/src/libstd/error.rs
+++ b/src/libstd/error.rs
@@ -201,11 +201,19 @@ pub trait Error: Debug + Display {
     #[unstable(feature = "error_type_id",
                reason = "this is memory unsafe to override in user code",
                issue = "60784")]
-    fn type_id(&self) -> TypeId where Self: 'static {
+    fn type_id(&self, _: private::Internal) -> TypeId where Self: 'static {
         TypeId::of::<Self>()
     }
 }
 
+mod private {
+    // This is a hack to prevent `type_id` from being overridden by `Error`
+    // implementations, since that can enable unsound downcasting.
+    #[unstable(feature = "error_type_id", issue = "60784")]
+    #[derive(Debug)]
+    pub struct Internal;
+}
+
 #[stable(feature = "rust1", since = "1.0.0")]
 impl<'a, E: Error + 'a> From<E> for Box<dyn Error + 'a> {
     /// Converts a type of [`Error`] into a box of dyn [`Error`].
@@ -575,7 +583,7 @@ impl dyn Error + 'static {
         let t = TypeId::of::<T>();
 
         // Get TypeId of the type in the trait object
-        let boxed = self.type_id();
+        let boxed = self.type_id(private::Internal);
 
         // Compare both TypeIds on equality
         t == boxed