tokio: check page capacity before obtaining base pointer (#4731)

This doesn't cause any issues in practice because this is a private API that is only used in ways that cannot trigger UB. Indexing into `slots` is not sound until after we've asserted that the page is allocated, since that aliases the first slot which may not be allocated. This PR also switches to using `as_ptr` to obtain the base pointer for clarity. Co-authored-by: David Koloski <dkoloski@google.com>
tokio-rs · Jun 1, 2022 · cc6c2f4 · cc6c2f4
1 parent 925314b
commit cc6c2f4
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/tokio/src/util/slab.rs b/tokio/src/util/slab.rs
@@ -551,10 +551,9 @@ impl<T> Slots<T> {
     fn index_for(&self, slot: *const Value<T>) -> usize {
         use std::mem;
 
-        let base = &self.slots[0] as *const _ as usize;
-
-        assert!(base != 0, "page is unallocated");
+        assert_ne!(self.slots.capacity(), 0, "page is unallocated");
 
+        let base = self.slots.as_ptr() as usize;
         let slot = slot as usize;
         let width = mem::size_of::<Slot<T>>();