| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <692d978b.170a0220.b1da0.297a@mx.google.com> Date: Mon, 1 Dec 2025 21:26:32 +0800 From: Hsiu Che Yu <yu.whisper.personal@...il.com> To: Alice Ryhl <aliceryhl@...gle.com> Cc: Hsiu Che Yu <yu.whisper.personal@...il.com>, Alexandre Courbot <acourbot@...dia.com>, Miguel Ojeda <ojeda@...nel.org>, Yury Norov <yury.norov@...il.com>, Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>, Benno Lossin <lossin@...nel.org>, Andreas Hindborg <a.hindborg@...nel.org>, Trevor Gross <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>, rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] rust: num: bounded: add safety comment for Bounded::__new On Mon, Dec 01, 2025 at 10:12:27AM +0000, Alice Ryhl wrote: >I disagree. For the same reasons as str::from_utf8_unchecked, this >should also be unsafe. It creates a value that violates invariants, >which may be used to trigger UB combined with other safe code. > >Alice I understand. Once the caller passes a value that cannot be represented with N bits, the type invariant is violated. Keeping this function safe could allow callers to overlook this critical requirement. Thank you for the feedback. I will submit v2 with the necessary changes and improved documentation. Best regards, Hsiu Che Yu
Powered by blists - more mailing lists