From 668928a16c3146473477004bbe2858c17d12d9c3 Mon Sep 17 00:00:00 2001 From: whitequark Date: Mon, 5 Dec 2016 05:23:37 +0000 Subject: [PATCH] runtime: fix a lifetime issue in lwip::Pbuf. This would have allowed a use-after-move (or -free) to typecheck. --- artiq/runtime.rs/liblwip/lib.rs | 4 ++-- artiq/runtime.rs/src/sched.rs | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/artiq/runtime.rs/liblwip/lib.rs b/artiq/runtime.rs/liblwip/lib.rs index 7eed9497b..5beda5e92 100644 --- a/artiq/runtime.rs/liblwip/lib.rs +++ b/artiq/runtime.rs/liblwip/lib.rs @@ -267,14 +267,14 @@ impl<'payload> Pbuf<'payload> { unsafe { (*self.raw).len as usize } } - pub fn as_slice(&self) -> &'payload [u8] { + pub fn as_slice(&self) -> &[u8] { unsafe { core::slice::from_raw_parts((*self.raw).payload as *const u8, (*self.raw).len as usize) } } - pub fn as_mut_slice(&mut self) -> &'payload mut [u8] { + pub fn as_mut_slice(&mut self) -> &mut [u8] { unsafe { core::slice::from_raw_parts_mut((*self.raw).payload as *mut u8, (*self.raw).len as usize) diff --git a/artiq/runtime.rs/src/sched.rs b/artiq/runtime.rs/src/sched.rs index 4e698f94b..570541eca 100644 --- a/artiq/runtime.rs/src/sched.rs +++ b/artiq/runtime.rs/src/sched.rs @@ -447,10 +447,10 @@ impl<'a> Read for TcpStream<'a> { } let (pbuf, pos) = self.buffer.take().unwrap(); - let slice = &pbuf.as_slice()[pos..]; - let len = ::std::cmp::min(buf.len(), slice.len()); - buf[..len].copy_from_slice(&slice[..len]); - if len < slice.len() { + let remaining = pbuf.len() - pos; + let len = ::std::cmp::min(buf.len(), remaining); + buf[..len].copy_from_slice(&pbuf.as_slice()[pos..pos + len]); + if len < remaining { self.buffer = Some((pbuf, pos + len)) } Ok(len)