-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
safe doc(hidden) APIs (async_stream::AsyncStream::new, async_stream::Sender::send, async_stream::pair) allow UB #83
Comments
Thanks for the report. Those types are marked async-stream/async-stream/src/lib.rs Lines 164 to 166 in ac3fa6b
Is it possible to reproduce this using only the public API? |
Thanks for the response! I agree that these being I don't know of a way to produce this UB using only the doc-visible public API. I'm not able to find any reference for how |
Addressed by #84. |
This playground is an example of invoking UB using only the pub, safe API of this crate (
pair()
,AsyncStream::new()
, andSender::send()
): https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=8cf61ab15c81d7a946cdbf60a1fd4c46The gist of this is inside of the "generator" passed to
AsyncStream::new(receiver, generator)
, we can construct aSender
,Receiver
pair for a different type from the Receiver the AsyncStream is yielding results from. We can use this Sender tosend
a u8 while generating an AsyncStream, which results in the AsyncStream yielding a String value that causes a segmentation fault when printed.I'm not familiar enough with the crate implementation to say which part should be marked
unsafe
, but I think this shows at least one of (AsyncStream::new
,Sender::send
,pair
) needs to be markedunsafe
.The text was updated successfully, but these errors were encountered: