Ensure that String pointers are aligned before converting into BoxedString.

Author: bodil

src/boxed.rs

@@ -27,6 +27,15 @@ pub(crate) struct BoxedString {
     ptr: NonNull<u8>,
 }
 
+/// Checks if a pointer is aligned to an even address (good)
+/// or an odd address (either actually an InlineString or very, very bad).
+///
+/// Returns `true` if aligned to an odd address, `false` if even. The sense of
+/// the boolean is "does this look like an InlineString? true/false"
+fn check_alignment(ptr: *const u8) -> bool {
+    ptr.align_offset(2) > 0
+}
+
 impl GenericString for BoxedString {
     fn set_size(&mut self, size: usize) {
         self.len = size;
@@ -44,9 +53,8 @@ impl GenericString for BoxedString {
 impl BoxedString {
     const MINIMAL_CAPACITY: usize = MAX_INLINE * 2;
 
-    pub(crate) fn check_alignment(this: &Self) -> usize {
-        let ptr: *const u8 = this.ptr.as_ptr();
-        ptr.align_offset(2)
+    pub(crate) fn check_alignment(this: &Self) -> bool {
+        check_alignment(this.ptr.as_ptr())
     }
 
     fn layout_for(cap: usize) -> Layout {
@@ -163,6 +171,10 @@ impl From<String> for BoxedString {
         if s.is_empty() {
             Self::new(s.capacity())
         } else {
+            // If the `String`'s buffer isn't word aligned, we can't reuse it.
+            if check_alignment(s.as_ptr()) {
+                return Self::from_str(s.capacity(), &s);
+            }
             // TODO: Use String::into_raw_parts when stabilised, meanwhile let's get unsafe
             let len = s.len();
             let cap = s.capacity();

src/lib.rs

@@ -300,7 +300,7 @@ impl<Mode: SmartStringMode> SmartString<Mode> {
         let str_ptr: *const BoxedString =
             self.data.as_ptr().cast() as *const _ as *const BoxedString;
         #[allow(unsafe_code)]
-        Discriminant::from_bit(BoxedString::check_alignment(unsafe { &*str_ptr }) == 1)
+        Discriminant::from_bit(BoxedString::check_alignment(unsafe { &*str_ptr }))
     }
 
     fn cast(&self) -> StringCast<'_> {

src/test.rs

@@ -535,11 +535,11 @@ mod tests {
         let boxed_ptr: *const BoxedString = inline_ptr.cast();
         #[allow(unsafe_code)]
         let discriminant =
-            Discriminant::from_bit(BoxedString::check_alignment(unsafe { &*boxed_ptr }) == 1);
+            Discriminant::from_bit(BoxedString::check_alignment(unsafe { &*boxed_ptr }));
         assert_eq!(Discriminant::Inline, discriminant);
 
         let boxed = BoxedString::from_str(32, "welp");
-        let discriminant = Discriminant::from_bit(BoxedString::check_alignment(&boxed) == 1);
+        let discriminant = Discriminant::from_bit(BoxedString::check_alignment(&boxed));
         assert_eq!(Discriminant::Boxed, discriminant);
 
         let mut s = SmartString::<Compact>::new();