clean up some unsafety in `Slicable`

954a4dc8 · asynchronous rob · b9cc9284 · 954a4dc8 · 954a4dc8 · 954a4dc8
Commit 954a4dc8 authored 7 years ago by asynchronous rob
--- a/substrate/primitives/src/hashing.rs
+++ b/substrate/primitives/src/hashing.rs
@@ -20,37 +20,37 @@ use blake2_rfc;
 use twox_hash;

 /// Do a Blake2 512-bit hash and place result in `dest`.
-pub fn blake2_512_into(data: &[u8], dest: &mut[u8; 64]) {
+pub fn blake2_512_into(data: &[u8], dest: &mut [u8; 64]) {
 	dest.copy_from_slice(blake2_rfc::blake2b::blake2b(64, &[], data).as_bytes());
 }

 /// Do a Blake2 512-bit hash and return result.
 pub fn blake2_512(data: &[u8]) -> [u8; 64] {
-	let mut r: [u8; 64] = unsafe { ::std::mem::uninitialized() };
+	let mut r = [0; 64];
 	blake2_512_into(data, &mut r);
 	r
 }

 /// Do a Blake2 256-bit hash and place result in `dest`.
-pub fn blake2_256_into(data: &[u8], dest: &mut[u8; 32]) {
+pub fn blake2_256_into(data: &[u8], dest: &mut [u8; 32]) {
 	dest.copy_from_slice(blake2_rfc::blake2b::blake2b(32, &[], data).as_bytes());
 }

 /// Do a Blake2 256-bit hash and return result.
 pub fn blake2_256(data: &[u8]) -> [u8; 32] {
-	let mut r: [u8; 32] = unsafe { ::std::mem::uninitialized() };
+	let mut r = [0; 32];
 	blake2_256_into(data, &mut r);
 	r
 }

 /// Do a Blake2 128-bit hash and place result in `dest`.
-pub fn blake2_128_into(data: &[u8], dest: &mut[u8; 16]) {
+pub fn blake2_128_into(data: &[u8], dest: &mut [u8; 16]) {
 	dest.copy_from_slice(blake2_rfc::blake2b::blake2b(16, &[], data).as_bytes());
 }

 /// Do a Blake2 128-bit hash and return result.
 pub fn blake2_128(data: &[u8]) -> [u8; 16] {
-	let mut r: [u8; 16] = unsafe { ::std::mem::uninitialized() };
+	let mut r = [0; 16];
 	blake2_128_into(data, &mut r);
 	r
 }

--- a/substrate/wasm-runtime/polkadot/src/codec/slicable.rs
+++ b/substrate/wasm-runtime/polkadot/src/codec/slicable.rs
@@ -34,7 +34,7 @@ pub trait Slicable: Sized {
 	fn to_vec(&self) -> Vec<u8> {
 		self.as_slice_then(|s| s.to_vec())
 	}
-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(set_slice: F) -> Option<Self>;
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(set_slice: F) -> Option<Self>;
 	fn as_slice_then<R, F: FnOnce(&[u8]) -> R>(&self, f: F) -> R {
 		f(&self.to_vec())
 	}
@@ -44,10 +44,11 @@ pub trait Slicable: Sized {
 /// Trait to mark that a type is not trivially (essentially "in place") serialisable.
 pub trait NonTrivialSlicable: Slicable {}

-impl<T: EndianSensitive> Slicable for T {
-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(fill_slice: F) -> Option<Self> {
+// note: the copy bound and static lifetimes are necessary for safety of `set_as_slice`.
+impl<T: Copy + EndianSensitive + 'static> Slicable for T {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(fill_slice: F) -> Option<Self> {
 		let size = mem::size_of::<T>();
-		let mut result: T = unsafe { mem::uninitialized() };
+		let mut result: T = unsafe { mem::zeroed() };
 		let result_slice = unsafe {
 			let ptr = &mut result as *mut _ as *mut u8;
 			slice::from_raw_parts_mut(ptr, size)
@@ -77,7 +78,7 @@ impl Slicable for Vec<u8> {
 	fn from_slice(value: &[u8]) -> Option<Self> {
 		Some(value[4..].to_vec())
 	}
-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(_fill_slice: F) -> Option<Self> {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(_fill_slice: F) -> Option<Self> {
 		unimplemented!();
 	}
 	fn to_vec(&self) -> Vec<u8> {

--- a/substrate/wasm-runtime/polkadot/src/support/primitives.rs
+++ b/substrate/wasm-runtime/polkadot/src/support/primitives.rs
@@ -76,7 +76,7 @@ impl Slicable for Header {
 		})
 	}

-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(_fill_slice: F) -> Option<Self> {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(_fill_slice: F) -> Option<Self> {
 		unimplemented!();
 	}

@@ -122,7 +122,7 @@ impl Slicable for Transaction {
 		})
 	}

-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(_fill_slice: F) -> Option<Self> {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(_fill_slice: F) -> Option<Self> {
 		unimplemented!();
 	}

@@ -200,7 +200,7 @@ impl Slicable for UncheckedTransaction {
 		})
 	}

-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(_fill_slice: F) -> Option<Self> {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(_fill_slice: F) -> Option<Self> {
 		unimplemented!();
 	}

@@ -237,7 +237,7 @@ impl Slicable for Block {
 		})
 	}

-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(_fill_slice: F) -> Option<Self> {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(_fill_slice: F) -> Option<Self> {
 		unimplemented!();
 	}

@@ -271,7 +271,7 @@ impl<T: NonTrivialSlicable> Slicable for Vec<T> {
 		Some(r)
 	}

-	fn set_as_slice<F: FnOnce(&mut[u8]) -> bool>(_fill_slice: F) -> Option<Self> {
+	fn set_as_slice<F: FnOnce(&mut [u8]) -> bool>(_fill_slice: F) -> Option<Self> {
 		unimplemented!();
 	}


--- a/substrate/wasm-runtime/polkadot/src/support/storable.rs
+++ b/substrate/wasm-runtime/polkadot/src/support/storable.rs
@@ -37,7 +37,7 @@ pub trait Storable {
 /// Remove `key` from storage.
 pub fn kill(key: &[u8]) { runtime_support::set_storage(&twox_128(key)[..], b""); }

-impl<T: Default + Sized + EndianSensitive> Storable for T {
+impl<T: Default + Copy + EndianSensitive + 'static> Storable for T {
 	fn lookup(key: &[u8]) -> Option<Self> {
 		Slicable::set_as_slice(|out| runtime_support::read_storage(&twox_128(key)[..], out) == out.len())
 	}