Rollup merge of #60902 - sfackler:fix-error-soudness, r=alexcrichton

Prevent Error::type_id overrides type_id now takes an argument that can't be named outside of the std::error module, which prevents any implementations from overriding it. It's a pretty grody solution, and there's no way we can stabilize the method with this API, but it avoids the soudness issue! Closes #60784 r? @alexcrichton
rust-lang · May 17, 2019 · f48f37b · f48f37b
2 parents ba0e251 + 686a611
commit f48f37b
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/src/libstd/error.rs b/src/libstd/error.rs
@@ -201,11 +201,19 @@ pub trait Error: Debug + Display {
     #[unstable(feature = "error_type_id",
                reason = "this is memory unsafe to override in user code",
                issue = "60784")]
-    fn type_id(&self) -> TypeId where Self: 'static {
+    fn type_id(&self, _: private::Internal) -> TypeId where Self: 'static {
         TypeId::of::<Self>()
     }
 }
 
+mod private {
+    // This is a hack to prevent `type_id` from being overridden by `Error`
+    // implementations, since that can enable unsound downcasting.
+    #[unstable(feature = "error_type_id", issue = "60784")]
+    #[derive(Debug)]
+    pub struct Internal;
+}
+
 #[stable(feature = "rust1", since = "1.0.0")]
 impl<'a, E: Error + 'a> From<E> for Box<dyn Error + 'a> {
     /// Converts a type of [`Error`] into a box of dyn [`Error`].
@@ -575,7 +583,7 @@ impl dyn Error + 'static {
         let t = TypeId::of::<T>();
 
         // Get TypeId of the type in the trait object
-        let boxed = self.type_id();
+        let boxed = self.type_id(private::Internal);
 
         // Compare both TypeIds on equality
         t == boxed