From 8d82ba729937baf83011354242cabc3d50c13dc2 Mon Sep 17 00:00:00 2001 From: Luca Casonato Date: Sun, 26 Jun 2022 00:13:24 +0200 Subject: build: require safety comments on unsafe code (#13870) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Bartek IwaƄczuk Co-authored-by: Divy Srivastava --- runtime/ops/io.rs | 33 +++++++++++++++++++++------------ runtime/ops/os.rs | 12 ++++++++++-- runtime/ops/process.rs | 2 ++ runtime/ops/spawn.rs | 2 ++ runtime/ops/tty.rs | 6 ++++++ 5 files changed, 41 insertions(+), 14 deletions(-) (limited to 'runtime/ops') diff --git a/runtime/ops/io.rs b/runtime/ops/io.rs index 78263ce28..bef33e9fa 100644 --- a/runtime/ops/io.rs +++ b/runtime/ops/io.rs @@ -42,26 +42,35 @@ use { // alive for the duration of the application since the last handle/fd // being dropped will close the corresponding pipe. #[cfg(unix)] -static STDIN_HANDLE: Lazy = - Lazy::new(|| unsafe { StdFile::from_raw_fd(0) }); +static STDIN_HANDLE: Lazy = Lazy::new(|| { + // SAFETY: corresponds to OS stdin + unsafe { StdFile::from_raw_fd(0) } +}); #[cfg(unix)] -static STDOUT_HANDLE: Lazy = - Lazy::new(|| unsafe { StdFile::from_raw_fd(1) }); +static STDOUT_HANDLE: Lazy = Lazy::new(|| { + // SAFETY: corresponds to OS stdout + unsafe { StdFile::from_raw_fd(1) } +}); #[cfg(unix)] -static STDERR_HANDLE: Lazy = - Lazy::new(|| unsafe { StdFile::from_raw_fd(2) }); +static STDERR_HANDLE: Lazy = Lazy::new(|| { + // SAFETY: corresponds to OS stderr + unsafe { StdFile::from_raw_fd(2) } +}); #[cfg(windows)] -static STDIN_HANDLE: Lazy = Lazy::new(|| unsafe { - StdFile::from_raw_handle(GetStdHandle(winbase::STD_INPUT_HANDLE)) +static STDIN_HANDLE: Lazy = Lazy::new(|| { + // SAFETY: corresponds to OS stdin + unsafe { StdFile::from_raw_handle(GetStdHandle(winbase::STD_INPUT_HANDLE)) } }); #[cfg(windows)] -static STDOUT_HANDLE: Lazy = Lazy::new(|| unsafe { - StdFile::from_raw_handle(GetStdHandle(winbase::STD_OUTPUT_HANDLE)) +static STDOUT_HANDLE: Lazy = Lazy::new(|| { + // SAFETY: corresponds to OS stdout + unsafe { StdFile::from_raw_handle(GetStdHandle(winbase::STD_OUTPUT_HANDLE)) } }); #[cfg(windows)] -static STDERR_HANDLE: Lazy = Lazy::new(|| unsafe { - StdFile::from_raw_handle(GetStdHandle(winbase::STD_ERROR_HANDLE)) +static STDERR_HANDLE: Lazy = Lazy::new(|| { + // SAFETY: corresponds to OS stderr + unsafe { StdFile::from_raw_handle(GetStdHandle(winbase::STD_ERROR_HANDLE)) } }); pub fn init() -> Extension { diff --git a/runtime/ops/os.rs b/runtime/ops/os.rs index 654bbede1..dbc87daab 100644 --- a/runtime/ops/os.rs +++ b/runtime/ops/os.rs @@ -248,7 +248,11 @@ fn op_system_memory_info( fn op_getgid(state: &mut OpState) -> Result, AnyError> { super::check_unstable(state, "Deno.getGid"); state.borrow_mut::().env.check_all()?; - unsafe { Ok(Some(libc::getgid())) } + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] + unsafe { + Ok(Some(libc::getgid())) + } } #[cfg(windows)] @@ -264,7 +268,11 @@ fn op_getgid(state: &mut OpState) -> Result, AnyError> { fn op_getuid(state: &mut OpState) -> Result, AnyError> { super::check_unstable(state, "Deno.getUid"); state.borrow_mut::().env.check_all()?; - unsafe { Ok(Some(libc::getuid())) } + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] + unsafe { + Ok(Some(libc::getuid())) + } } #[cfg(windows)] diff --git a/runtime/ops/process.rs b/runtime/ops/process.rs index 49f26ade4..a48cd122d 100644 --- a/runtime/ops/process.rs +++ b/runtime/ops/process.rs @@ -174,6 +174,8 @@ fn op_run(state: &mut OpState, run_args: RunArgs) -> Result { c.uid(uid); } #[cfg(unix)] + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] unsafe { c.pre_exec(|| { libc::setgroups(0, std::ptr::null()); diff --git a/runtime/ops/spawn.rs b/runtime/ops/spawn.rs index 7e7e2d05e..a6930b485 100644 --- a/runtime/ops/spawn.rs +++ b/runtime/ops/spawn.rs @@ -149,6 +149,8 @@ fn create_command( command.uid(uid); } #[cfg(unix)] + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] unsafe { command.pre_exec(|| { libc::setgroups(0, std::ptr::null()); diff --git a/runtime/ops/tty.rs b/runtime/ops/tty.rs index ad152e2da..62a7717a6 100644 --- a/runtime/ops/tty.rs +++ b/runtime/ops/tty.rs @@ -172,12 +172,16 @@ fn op_isatty(state: &mut OpState, rid: ResourceId) -> Result { let handle = get_windows_handle(std_file)?; let mut test_mode: DWORD = 0; // If I cannot get mode out of console, it is not a console. + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] Ok(unsafe { consoleapi::GetConsoleMode(handle, &mut test_mode) != FALSE }) } #[cfg(unix)] { use std::os::unix::io::AsRawFd; let raw_fd = std_file.as_raw_fd(); + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] Ok(unsafe { libc::isatty(raw_fd as libc::c_int) == 1 }) } })?; @@ -225,6 +229,8 @@ fn op_console_size( use std::os::unix::io::AsRawFd; let fd = std_file.as_raw_fd(); + // TODO(bartlomieju): + #[allow(clippy::undocumented_unsafe_blocks)] unsafe { let mut size: libc::winsize = std::mem::zeroed(); if libc::ioctl(fd, libc::TIOCGWINSZ, &mut size as *mut _) != 0 { -- cgit v1.2.3