
Unsound pub API

Open charlesxsh opened this issue 4 months ago • 0 comments

src_kernels/gpu_collider.rs

pub struct GpuColliderSet {
    pub ptr: *const GpuCollider,
    pub len: usize,
}

impl GpuColliderSet {
    pub fn get(&self, i: usize) -> Option<&GpuCollider> {
        if i >= self.len {
            None
        } else {
            unsafe { Some(&*self.ptr.add(i)) }
        }
    }

    pub fn iter(&self) -> GpuColliderIter {
        GpuColliderIter {
            ptr: self.ptr,
            len: self.len,
            _marker: PhantomData,
        }
    }
}

In the function get, the parameter i is checked against the public field self.len, which might be altered without limitation. If self.len cannot reflect the length of self.ptr, then *self.ptr.add(i) will have memory issues like out-of-bounds access. The violated safety requirement is here. In Rust, a safe function should not cause any memory issues.

Suggestion:

  1. mark function with unsafe
  2. remove pub from fields
  3. add necessary checks

charlesxsh Oct 02 '25 04:10
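One way to apply the suggestions in the issue above, as an added example that is not part of the issue or the project's code: the fields become private and the only route that accepts a raw pointer is an `unsafe` constructor with a documented contract, so the bounds check in `get` can be trusted. The names `SoundColliderSet`, `from_slice` and `from_raw_parts` and the one-field `GpuCollider` stand-in are assumptions, and this is a host-side sketch that assumes slices are usable where the set is built.

```rust
mod sound {
    use std::marker::PhantomData;

    /// Stand-in for the project's collider type (assumption: its definition is not in the issue).
    #[derive(Debug, Clone, Copy, PartialEq)]
    pub struct GpuCollider { pub id: u32 }

    /// Hypothetical hardened set: `ptr` and `len` are private, so code outside
    /// this module cannot make `len` disagree with the allocation behind `ptr`.
    pub struct SoundColliderSet<'a> {
        ptr: *const GpuCollider,
        len: usize,
        _marker: PhantomData<&'a [GpuCollider]>,
    }

    impl<'a> SoundColliderSet<'a> {
        /// Safe constructor: a slice already guarantees that pointer and length agree.
        pub fn from_slice(s: &'a [GpuCollider]) -> Self {
            Self { ptr: s.as_ptr(), len: s.len(), _marker: PhantomData }
        }

        /// # Safety
        /// `ptr` and `len` must satisfy the requirements of
        /// `std::slice::from_raw_parts` for the whole lifetime `'a`.
        pub unsafe fn from_raw_parts(ptr: *const GpuCollider, len: usize) -> Self {
            Self { ptr, len, _marker: PhantomData }
        }

        pub fn len(&self) -> usize { self.len }

        pub fn get(&self, i: usize) -> Option<&'a GpuCollider> {
            if i >= self.len { return None; }
            // SAFETY: i < len, and every constructor guarantees `len` readable elements.
            Some(unsafe { &*self.ptr.add(i) })
        }

        pub fn iter(&self) -> std::slice::Iter<'a, GpuCollider> {
            // SAFETY: same constructor guarantee as in `get`.
            unsafe { std::slice::from_raw_parts(self.ptr, self.len) }.iter()
        }
    }
}
use sound::{GpuCollider, SoundColliderSet};

fn main() {
    let data = [GpuCollider { id: 10 }, GpuCollider { id: 20 }]; // constructed sample
    let set = SoundColliderSet::from_slice(&data);
    // set.len = 100; // rejected by the compiler: field `len` is private
    assert_eq!(set.get(1).map(|c| c.id), Some(20));
    assert!(set.get(2).is_none());
}
```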