From 90c03812720c328dcb68939400b265128b6eca8f Mon Sep 17 00:00:00 2001
From: Andreu Botella <andreu@andreubotella.com>
Date: Sat, 14 Jan 2023 23:40:01 -0800
Subject: fix(ops): disallow memory slices as inputs to async ops (#16738)

In Rust, it is UB if a slice is mutated while borrowed except through
the slice itself, and it is also UB if a mutable slice is read while
borrowed. The op macro allows borrowing an `ArrayBuffer{,View}` as a
memory slice for the duration of an op, but this is not sound for async
ops, since the `ArrayBuffer` could be accessed from JS during the await
points. This PR therefore disallows such automatic borrowing only for
async ops.

Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
---
 ops/tests/compile_fail/mem_slices.rs     | 24 ++++++++++++++++++++++++
 ops/tests/compile_fail/mem_slices.stderr | 15 +++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 ops/tests/compile_fail/mem_slices.rs
 create mode 100644 ops/tests/compile_fail/mem_slices.stderr

(limited to 'ops/tests/compile_fail')

diff --git a/ops/tests/compile_fail/mem_slices.rs b/ops/tests/compile_fail/mem_slices.rs
new file mode 100644
index 000000000..da74ac577
--- /dev/null
+++ b/ops/tests/compile_fail/mem_slices.rs
@@ -0,0 +1,24 @@
+// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
+
+use deno_ops::op;
+
+#[op]
+fn sync_test(slice: &mut [u32]) {
+  //
+}
+
+#[op]
+async fn async_test(slice: &[u8]) {
+  // Memory slices are not allowed in async ops.
+}
+
+#[op]
+fn async_test2(slice: &mut [u8]) -> impl Future<Output = ()> {
+  // Memory slices are not allowed in async ops, even when not implemented as an
+  // async function.
+  async {}
+}
+
+fn main() {
+  // pass
+}
diff --git a/ops/tests/compile_fail/mem_slices.stderr b/ops/tests/compile_fail/mem_slices.stderr
new file mode 100644
index 000000000..c45acfcf9
--- /dev/null
+++ b/ops/tests/compile_fail/mem_slices.stderr
@@ -0,0 +1,15 @@
+error: custom attribute panicked
+  --> tests/compile_fail/mem_slices.rs:10:1
+   |
+10 | #[op]
+   | ^^^^^
+   |
+   = help: message: Memory slices are not allowed in async ops
+
+error: custom attribute panicked
+  --> tests/compile_fail/mem_slices.rs:15:1
+   |
+15 | #[op]
+   | ^^^^^
+   |
+   = help: message: Memory slices are not allowed in async ops
-- 
cgit v1.2.3