Make functions that operate on raw I/O handles unsafe.

Functions which trust that their arguments are valid raw file descriptors
or raw handles should be marked unsafe, because these arguments are
passed unchecked to I/O routines.
Dan Gohman
2019-09-09 09:14:23 -07:00
committed by Jakub Konka
parent c98b3d10ec
commit febecc418c
7 changed files with 26 additions and 22 deletions


@@ -52,7 +52,7 @@ pub(crate) fn fd_pwrite(file: &File, buf: &[u8], offset: host::__wasi_filesize_t
pub(crate) fn fd_fdstat_get(fd: &File) -> Result<host::__wasi_fdflags_t> {
use winx::file::AccessMode;
winx::file::get_file_access_mode(fd.as_raw_handle())
unsafe { winx::file::get_file_access_mode(fd.as_raw_handle()) }
.map(host_impl::fdflags_from_win)
.map_err(Into::into)
}
@@ -175,7 +175,7 @@ pub(crate) fn fd_readdir(
}
pub(crate) fn path_readlink(resolved: PathGet, buf: &mut [u8]) -> Result<usize> {
use winx::file::get_path_by_handle;
use winx::file::get_file_path;
let path = resolved.concatenate()?;
let target_path = path.read_link()?;
@@ -184,7 +184,7 @@ pub(crate) fn path_readlink(resolved: PathGet, buf: &mut [u8]) -> Result<usize>
// we need to strip the prefix from the absolute path
// as otherwise we will error out since WASI is not capable
// of dealing with absolute paths
let dir_path = get_path_by_handle(resolved.dirfd().as_raw_handle())?;
let dir_path = get_file_path(resolved.dirfd())?;
let dir_path = PathBuf::from(strip_extended_prefix(dir_path));
let target_path = target_path
.strip_prefix(dir_path)
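Review bot: The new `unsafe` block in `fd_fdstat_get` has no `// SAFETY:` comment, so the invariant this commit relies on is not recorded at the call site. The raw handle comes from `fd.as_raw_handle()` on a borrowed `&File`, so it stays valid for the length of the call; a line such as `// SAFETY: the handle is borrowed from fd, a live &File, for the duration of this call` directly above the block would state that for the next reader. Separately, `use winx::file::AccessMode;` is not referenced anywhere in the lines shown for this function and looks removable, though that line is context rather than part of the change.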


@@ -73,7 +73,7 @@ pub(crate) fn openat(dirfd: &File, path: &str) -> Result<File> {
}
pub(crate) fn readlinkat(dirfd: &File, s_path: &str) -> Result<String> {
use winx::file::get_path_by_handle;
use winx::file::get_file_path;
use winx::winerror::WinError;
let path = concatenate(dirfd, Path::new(s_path))?;
@@ -83,7 +83,7 @@ pub(crate) fn readlinkat(dirfd: &File, s_path: &str) -> Result<String> {
// we need to strip the prefix from the absolute path
// as otherwise we will error out since WASI is not capable
// of dealing with absolute paths
let dir_path = get_path_by_handle(dirfd.as_raw_handle())?;
let dir_path = get_file_path(dirfd)?;
let dir_path = PathBuf::from(strip_extended_prefix(dir_path));
target_path
.strip_prefix(dir_path)
@@ -128,7 +128,7 @@ pub(crate) fn strip_extended_prefix<P: AsRef<OsStr>>(path: P) -> OsString {
}
pub(crate) fn concatenate<P: AsRef<Path>>(dirfd: &File, path: P) -> Result<PathBuf> {
use winx::file::get_path_by_handle;
use winx::file::get_file_path;
// WASI is not able to deal with absolute paths
// so error out if absolute
@@ -136,7 +136,7 @@ pub(crate) fn concatenate<P: AsRef<Path>>(dirfd: &File, path: P) -> Result<PathB
return Err(Error::ENOTCAPABLE);
}
let dir_path = get_path_by_handle(dirfd.as_raw_handle())?;
let dir_path = get_file_path(dirfd)?;
// concatenate paths
let mut out_path = PathBuf::from(dir_path);
out_path.push(path.as_ref());
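Review bot: In `concatenate`, `out_path.push(path.as_ref())` is only safe if the guard above it rejects every path form that `PathBuf::push` treats as a replacement rather than an append. That guard sits above the hunk and is not visible here. If it is `Path::is_absolute`, note that on Windows this returns false for a rooted path without a prefix and for a prefix without a root, yet `push` replaces part or all of the `dirfd` base for both, so the result can leave the directory the capability was granted for. A stricter guard would be `if matches!(path.as_ref().components().next(), Some(Component::Prefix(_)) | Some(Component::RootDir)) { return Err(Error::ENOTCAPABLE); }`, with `std::path::Component` in scope. The function body continues past the end of the hunk, so whether `..` components are handled later cannot be judged from here.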