rust-ascii
rust-ascii copied to clipboard
tomprogrammer
`AsciiString::from_ascii` is unsound
An "evil" type can implement AsRef<[u8]> and Into<Vec<u8>> in inconsistent ways, which allows constructing a non-ASCII AsciiString:
use ascii::AsciiString;
struct EvilString(String);
impl AsRef<[u8]> for EvilString {
fn as_ref(&self) -> &[u8] {
""
}
}
impl From<EvilString> for Vec<u8> {
fn from(s: EvilString) -> Self {
s.0.into_bytes()
}
}
fn unsound(s: String) -> AsciiString {
// `s.as_ref()` is always empty and so valid ASCII, so this never fails, even if `s` contains non-ASCII characters.
AsciiString::from_ascii(EvilString(s)).unwrap()
}
