From 4ae4cfd0588fbe93e1cc6501bcb98893ebdf26f3 Mon Sep 17 00:00:00 2001
From: Jan Bujak
Date: Wed, 23 Mar 2022 05:28:29 +0000
Subject: Make `uname` always safe
This fixes several issues with the current `uname` bindings:
- Do not ignore `uname` errors; at least on glibc `uname` can fail, so now it returns a `Result` instead of assuming that the call will always succeed.
- Do not assume `uname` will initialize every member of `utsname`; not every implementation initializes every field, so internally the struct is now zero-initialized.
- Do not blindly assume strings returned by `uname` will always be valid UTF-8; `UtsName`'s accessors will now return `&OsStr`s instead of `&str`s.
---
 src/sys/utsname.rs | 56 ++++++++++++++++++++++++++++--------------------------
 1 file changed, 29 insertions(+), 27 deletions(-)
(limited to 'src/sys')
diff --git a/src/sys/utsname.rs b/src/sys/utsname.rs
index 98edee04..5bd3a539 100644
--- a/src/sys/utsname.rs
+++ b/src/sys/utsname.rs
@@ -1,8 +1,9 @@
 //! Get system identification
 use std::mem;
-use libc::{self, c_char};
-use std::ffi::CStr;
-use std::str::from_utf8_unchecked;
+use std::os::unix::ffi::OsStrExt;
+use std::ffi::OsStr;
+use libc::c_char;
+use crate::{Errno, Result};
 /// Describes the running system. Return type of [`uname`].
 #[derive(Clone, Copy, Debug, Eq, Hash, PartialEq)]
@@ -10,47 +11,48 @@ use std::str::from_utf8_unchecked;
 pub struct UtsName(libc::utsname);
 impl UtsName {
- /// Name of the operating system implementation
- pub fn sysname(&self) -> &str {
- to_str(&(&self.0.sysname as *const c_char ) as *const *const c_char)
+ /// Name of the operating system implementation.
+ pub fn sysname(&self) -> &OsStr {
+ cast_and_trim(&self.0.sysname)
 }
 /// Network name of this machine.
- pub fn nodename(&self) -> &str {
- to_str(&(&self.0.nodename as *const c_char ) as *const *const c_char)
+ pub fn nodename(&self) -> &OsStr {
+ cast_and_trim(&self.0.nodename)
 }
 /// Release level of the operating system.
- pub fn release(&self) -> &str {
- to_str(&(&self.0.release as *const c_char ) as *const *const c_char)
+ pub fn release(&self) -> &OsStr {
+ cast_and_trim(&self.0.release)
 }
 /// Version level of the operating system.
- pub fn version(&self) -> &str {
- to_str(&(&self.0.version as *const c_char ) as *const *const c_char)
+ pub fn version(&self) -> &OsStr {
+ cast_and_trim(&self.0.version)
 }
 /// Machine hardware platform.
- pub fn machine(&self) -> &str {
- to_str(&(&self.0.machine as *const c_char ) as *const *const c_char)
+ pub fn machine(&self) -> &OsStr {
+ cast_and_trim(&self.0.machine)
 }
 }
 /// Get system identification
-pub fn uname() -> UtsName {
+pub fn uname() -> Result {
 unsafe {
- let mut ret = mem::MaybeUninit::uninit();
- libc::uname(ret.as_mut_ptr());
- UtsName(ret.assume_init())
+ let mut ret = mem::MaybeUninit::zeroed();
+ Errno::result(libc::uname(ret.as_mut_ptr()))?;
+ Ok(UtsName(ret.assume_init()))
 }
 }
-#[inline]
-fn to_str<'a>(s: *const *const c_char) -> &'a str {
- unsafe {
- let res = CStr::from_ptr(*s).to_bytes();
- from_utf8_unchecked(res)
- }
+fn cast_and_trim(slice: &[c_char]) -> &OsStr {
+ let length = slice.iter().position(|&byte| byte == 0).unwrap_or(slice.len());
+ let bytes = unsafe {
+ std::slice::from_raw_parts(slice.as_ptr().cast(), length)
+ };
+
+ OsStr::from_bytes(bytes)
 }
 #[cfg(test)]
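Review bot: Both `unsafe` blocks on the new side, the body of `uname()` and the `from_raw_parts` call in `cast_and_trim`, have no `// SAFETY:` comment, even though this commit exists to make their soundness argument hold. Above `from_raw_parts` I would add `// SAFETY: c_char is i8 or u8, so the cast to *const u8 keeps size and alignment, and length <= slice.len() keeps the read inside the borrowed field.` In `uname()` I would add `// SAFETY: zeroed() initializes every byte, so assume_init() is sound even for fields uname() leaves untouched`; this presumes `libc::utsname` holds only `c_char` arrays, which the hunk does not show. The `/// Get system identification` doc should also gain an `# Errors` section now that the function returns a `Result`. The return type and all five accessor types change for callers while the diffstat lists only this file, so a changelog entry is worth adding if the project keeps one.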
@@ -58,18 +60,18 @@ mod test {
 #[cfg(target_os = "linux")]
 #[test]
 pub fn test_uname_linux() {
- assert_eq!(super::uname().sysname(), "Linux");
+ assert_eq!(super::uname().unwrap().sysname(), "Linux");
 }
 #[cfg(any(target_os = "macos", target_os = "ios"))]
 #[test]
 pub fn test_uname_darwin() {
- assert_eq!(super::uname().sysname(), "Darwin");
+ assert_eq!(super::uname().unwrap().sysname(), "Darwin");
 }
 #[cfg(target_os = "freebsd")]
 #[test]
 pub fn test_uname_freebsd() {
- assert_eq!(super::uname().sysname(), "FreeBSD");
+ assert_eq!(super::uname().unwrap().sysname(), "FreeBSD");
 }
 }
-- 
cgit v1.2.3
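Review bot: The updated tests still only compare `sysname()` on the success path, so neither behaviour that `cast_and_trim` introduces is exercised: falling back to the full slice when a field has no NUL terminator, and handing back non-UTF-8 bytes unchanged. A unit test that feeds constructed arrays straight to `cast_and_trim` would pin both without depending on the host's real `uname` output, as sketched below. `mod test` opens outside this hunk, so its imports are not visible and the sketch uses full paths.

```rust
#[test]
pub fn test_cast_and_trim_edge_cases() {
    // Constructed sample values, not real uname output.
    let unterminated = [b'x' as libc::c_char; 4];
    assert_eq!(super::cast_and_trim(&unterminated).len(), 4);

    let non_utf8 = [0xffu8 as libc::c_char, 0];
    assert_eq!(super::cast_and_trim(&non_utf8).to_str(), None);
}
```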