feat: Remove dangerous FromMemoryView blanket impl for all Copy types. Instead, provide explicit implementations only for primitive types.

Author: WolverinDEV

Cargo.lock

@@ -8,6 +8,7 @@ use raw_struct::{
     raw_struct,
     Copy,
     CopyMemory,
+    FromMemoryView,
     SizedViewable,
 };
 
@@ -26,7 +27,7 @@ fn main() -> Result<(), Box<dyn Error + Send + Sync>> {
 }
 
 #[raw_struct(memory = "([u8; 0x10], T)")]
-struct Container<T: marker::Copy + Send + Sync + 'static> {
+struct Container<T: marker::Copy + FromMemoryView + Send + Sync + 'static> {
     #[field(offset = 0x00)]
     pub var_a: u64,
 

examples/dyn_memory/src/main.rs

@@ -10,7 +10,7 @@ description.workspace = true
 readme = "../README.MD"
 
 [dependencies]
-raw_struct_derive = { version = "0.1", path = "../raw_struct_derive" }
+raw_struct_derive = { version = "*", path = "../raw_struct_derive" }
 
 [features]
 no_std = []

raw_struct/Cargo.toml

@@ -30,6 +30,20 @@ impl<T: ?Sized> Clone for Ptr64<T> {
 }
 impl<T: ?Sized> marker::Copy for Ptr64<T> {}
 
+impl<T: ?Sized> FromMemoryView for Ptr64<T> {
+    type DecodeError = <u64 as FromMemoryView>::DecodeError;
+
+    fn read_object<M: MemoryView>(
+        view: &M,
+        offset: u64,
+    ) -> Result<Self, MemoryDecodeError<M::AccessError, Self::DecodeError>> {
+        Ok(Self {
+            address: u64::read_object(view, offset)?,
+            _type: Default::default(),
+        })
+    }
+}
+
 impl<T: ?Sized> Ptr64<T> {
     pub fn is_null(&self) -> bool {
         self.address == 0

raw_struct/src/builtins/ptr.rs

@@ -1,4 +1,5 @@
 use core::{
+    convert::Infallible,
     marker,
     mem::{
         self,
@@ -9,6 +10,8 @@ use core::{
 };
 
 use crate::{
+    FromMemoryView,
+    MemoryDecodeError,
     MemoryView,
     OutOfBoundsViolation,
     Reference,
@@ -70,6 +73,17 @@ impl<T: SizedViewable> Copy<T> {
     }
 }
 
+impl<T: SizedViewable> FromMemoryView for Copy<T> {
+    type DecodeError = Infallible;
+
+    fn read_object<M: MemoryView>(
+        view: &M,
+        offset: u64,
+    ) -> Result<Self, MemoryDecodeError<M::AccessError, Self::DecodeError>> {
+        Self::read_from_memory(view, offset).map_err(MemoryDecodeError::MemoryAccess)
+    }
+}
+
 impl<T> Clone for Copy<T>
 where
     T: SizedViewable,

raw_struct/src/copy.rs

@@ -58,23 +58,81 @@ pub trait FromMemoryView: Sized {
     // fn read_boxed(view: &dyn MemoryView, offset: u64) -> Result<Box<Self>, Box<dyn error::ErrorType>>;
 }
 
-/// By default all copy traits are decodeable from memory.
-// FIXME: Remove this as it's ub for invalid values. Explicitly implement this trait for certain types instead!
-impl<T: Copy> FromMemoryView for T {
+macro_rules! impl_from_memory_copy {
+    ($type:ty) => {
+        impl FromMemoryView for $type {
+            type DecodeError = Infallible;
+
+            fn read_object<M: MemoryView>(
+                view: &M,
+                offset: u64,
+            ) -> Result<Self, MemoryDecodeError<M::AccessError, Self::DecodeError>> {
+                let mut result = MaybeUninit::uninit();
+
+                {
+                    let result_memory = unsafe {
+                        slice::from_raw_parts_mut(
+                            result.as_mut_ptr() as *mut u8,
+                            mem::size_of::<$type>(),
+                        )
+                    };
+
+                    view.read_memory(offset, result_memory)
+                        .map_err(MemoryDecodeError::MemoryAccess)?;
+                }
+
+                Ok(unsafe { result.assume_init() })
+            }
+        }
+
+        impl<const N: usize> FromMemoryView for [$type; N] {
+            type DecodeError = Infallible;
+
+            fn read_object<M: MemoryView>(
+                view: &M,
+                offset: u64,
+            ) -> Result<Self, MemoryDecodeError<M::AccessError, Self::DecodeError>> {
+                let mut result = MaybeUninit::uninit();
+
+                {
+                    let result_memory = unsafe {
+                        slice::from_raw_parts_mut(
+                            result.as_mut_ptr() as *mut u8,
+                            mem::size_of::<$type>() * N,
+                        )
+                    };
+
+                    view.read_memory(offset, result_memory)
+                        .map_err(MemoryDecodeError::MemoryAccess)?;
+                }
+
+                Ok(unsafe { result.assume_init() })
+            }
+        }
+    };
+}
+
+impl_from_memory_copy!(i8);
+impl_from_memory_copy!(u8);
+impl_from_memory_copy!(i16);
+impl_from_memory_copy!(u16);
+impl_from_memory_copy!(i32);
+impl_from_memory_copy!(u32);
+impl_from_memory_copy!(i64);
+impl_from_memory_copy!(u64);
+
+impl_from_memory_copy!(f32);
+impl_from_memory_copy!(f64);
+
+impl FromMemoryView for bool {
     type DecodeError = Infallible;
 
     fn read_object<M: MemoryView>(
         view: &M,
         offset: u64,
     ) -> Result<Self, MemoryDecodeError<M::AccessError, Self::DecodeError>> {
-        let mut result = MaybeUninit::uninit();
-        let size = mem::size_of::<T>();
-
-        let buffer = unsafe { slice::from_raw_parts_mut(&mut result as *mut _ as *mut u8, size) };
-        view.read_memory(offset, buffer)
-            .map_err(MemoryDecodeError::MemoryAccess)?;
-
-        Ok(unsafe { result.assume_init() })
+        let value = u8::read_object(view, offset)?;
+        Ok(value > 0)
     }
 }