Make functions that operate on raw I/O handles unsafe.

Functions which trust that their arguments are valid raw file descriptors
or raw handles should be marked unsafe, because these arguments are
passed unchecked to I/O routines.
Dan Gohman
2019-09-09 09:14:23 -07:00
committed by Jakub Konka
parent c98b3d10ec
commit febecc418c
7 changed files with 26 additions and 22 deletions


@@ -583,7 +583,7 @@ pub(crate) fn path_open(
let fd = hostcalls_impl::path_open(resolved, read, write, oflags, fs_flags)?;
// Determine the type of the new file descriptor and which rights contradict with this type
let (_ty, max_base, max_inheriting) = determine_type_rights(&fd)?;
let (_ty, max_base, max_inheriting) = unsafe { determine_type_rights(&fd) }?;
let mut fe = FdEntry::from(fd)?;
fe.rights_base &= max_base;
fe.rights_inheriting &= max_inheriting;
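Review bot: The new `unsafe { determine_type_rights(&fd) }` block carries no `// SAFETY:` comment, so the invariant this call site relies on is left for the reader to reconstruct. From the visible lines, `fd` is the value just returned by `hostcalls_impl::path_open(...)?` and has not yet been moved into `FdEntry::from(fd)`, so it presumably still refers to an open descriptor or handle; that is what the comment should record, e.g. `// SAFETY: fd was just returned by hostcalls_impl::path_open and is still owned here, so it is a valid open handle.` Since the commit exists to mark where raw-handle validity is trusted, a justification at each call site keeps that boundary auditable if code is later inserted between the open and this call. The body of `path_open` starts and ends outside the hunk, so any earlier use of `fd` is not visible here.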