diff options
| author | LeSeulArtichaut <leseulartichaut@gmail.com> | 2020-06-22 19:25:39 +0200 |
|---|---|---|
| committer | LeSeulArtichaut <leseulartichaut@gmail.com> | 2020-06-30 16:42:58 +0200 |
| commit | 8a515e963cf2711192495802d7bbf2e49979cdf2 (patch) | |
| tree | 6b5d4a3ccb13e27782c715f3adba5b57769904b2 /src/libcore/hash | |
| parent | 8ee1dec77b89d6341a147d91af8733f8e0b5efc7 (diff) | |
| download | rust-8a515e963cf2711192495802d7bbf2e49979cdf2.tar.gz rust-8a515e963cf2711192495802d7bbf2e49979cdf2.zip | |
Deny unsafe ops in unsafe fns, part 2
Diffstat (limited to 'src/libcore/hash')
| -rw-r--r-- | src/libcore/hash/sip.rs | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/libcore/hash/sip.rs b/src/libcore/hash/sip.rs index ac058609f45..84148058d03 100644 --- a/src/libcore/hash/sip.rs +++ b/src/libcore/hash/sip.rs @@ -1,6 +1,7 @@ //! An implementation of SipHash. #![allow(deprecated)] // the types in this module are deprecated +#![deny(unsafe_op_in_unsafe_fn)] use crate::cmp; use crate::marker::PhantomData; @@ -130,15 +131,19 @@ unsafe fn u8to64_le(buf: &[u8], start: usize, len: usize) -> u64 { let mut i = 0; // current byte index (from LSB) in the output u64 let mut out = 0; if i + 3 < len { - out = load_int_le!(buf, start + i, u32) as u64; + // SAFETY: `i` cannot be greater than `len`, and the caller must guarantee + // that the index start..start+len is in bounds. + out = unsafe { load_int_le!(buf, start + i, u32) } as u64; i += 4; } if i + 1 < len { - out |= (load_int_le!(buf, start + i, u16) as u64) << (i * 8); + // SAFETY: same as above. + out |= (unsafe { load_int_le!(buf, start + i, u16) } as u64) << (i * 8); i += 2 } if i < len { - out |= (*buf.get_unchecked(start + i) as u64) << (i * 8); + // SAFETY: same as above. + out |= (unsafe { *buf.get_unchecked(start + i) } as u64) << (i * 8); i += 1; } debug_assert_eq!(i, len); |