
Commit 9026d6d

committed
build!: wrap unsafe code inside unsafe functions to comply with Rust 2024
Signed-off-by: Esteve Fernandez <esteve@apache.org>
1 parent f8d4376 commit 9026d6d


2 files changed

+53
-38
lines changed


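--- a/rclrs/src/parameter/override_map.rs
+++ b/rclrs/src/parameter/override_map.rs
@@ -48,12 +48,14 @@ impl RclParamsIter<'_> {
 rcl_node_params: &[],
 }
 } else {
-let node_name_ptrs =
-rcl_from_raw_parts((*rcl_params).node_names, (*rcl_params).num_nodes);
-let rcl_node_params = rcl_from_raw_parts((*rcl_params).params, (*rcl_params).num_nodes);
-Self {
-node_name_ptrs,
-rcl_node_params,
+unsafe {
+let node_name_ptrs =
+rcl_from_raw_parts((*rcl_params).node_names, (*rcl_params).num_nodes);
+let rcl_node_params = rcl_from_raw_parts((*rcl_params).params, (*rcl_params).num_nodes);
+Self {
+node_name_ptrs,
+rcl_node_params,
+}
 }
 }
 }
@@ -82,9 +84,9 @@ impl<'a> RclNodeParamsIter<'a> {
 // sizes or dangling pointers.
 pub unsafe fn new(rcl_node_params: &'a rcl_node_params_t) -> Self {
 let param_name_ptrs =
-rcl_from_raw_parts(rcl_node_params.parameter_names, rcl_node_params.num_params);
+unsafe { rcl_from_raw_parts(rcl_node_params.parameter_names, rcl_node_params.num_params) };
 let rcl_variants =
-rcl_from_raw_parts(rcl_node_params.parameter_values, rcl_node_params.num_params);
+unsafe { rcl_from_raw_parts(rcl_node_params.parameter_values, rcl_node_params.num_params) };
 Self {
 param_name_ptrs,
 rcl_variants,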
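Review bot: The `unsafe { … }` block added in the `else` branch of the first hunk also encloses the `Self { … }` construction, which needs no unsafe, and neither it nor the two one-line blocks in `RclNodeParamsIter::new` carries a `// SAFETY:` comment. Wrapping for Rust 2024 is the natural point to make each unsafe operation auditable, so I would keep only the `(*rcl_params)` reads and the `rcl_from_raw_parts` calls inside the block and state the invariant, e.g. `// SAFETY: caller guarantees node_names and params each point to num_nodes valid entries`. The non-null check on `rcl_params` is presumably the `if` above this hunk; that should be confirmed and named in the comment. For the second hunk, `// SAFETY: caller guarantees parameter_names and parameter_values each hold num_params entries` above each block would do. Both function bodies extend beyond the hunks shown.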

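--- a/rclrs/src/parameter/value.rs
+++ b/rclrs/src/parameter/value.rs
@@ -453,7 +453,8 @@ impl ParameterValue {
 .map(u8::from)
 .sum();
 assert_eq!(num_active, 1);
-// Note: This code has no unsafe blocks because it is inside an unsafe function.
+// Note: Unsafe blocks below are necessary to dereference raw pointers
+// and call unsafe functions like CStr::from_ptr.
 // In general, the following operations are as safe as they can be, because
 // only non-null pointers are dereferenced, and strings and arrays are copied immediately,
 // so there are no concerns about choosing the correct lifetime.
@@ -462,43 +463,55 @@ impl ParameterValue {
 // However, it cannot be checked that it points to a valid value. Similarly for array sizes.
 // This is why this function must be unsafe itself.
 if !var.bool_value.is_null() {
-ParameterValue::Bool(*var.bool_value)
+unsafe { ParameterValue::Bool(*var.bool_value) }
 } else if !var.integer_value.is_null() {
-ParameterValue::Integer(*var.integer_value)
+unsafe { ParameterValue::Integer(*var.integer_value) }
 } else if !var.double_value.is_null() {
-ParameterValue::Double(*var.double_value)
+unsafe { ParameterValue::Double(*var.double_value) }
 } else if !var.string_value.is_null() {
-let cstr = CStr::from_ptr(var.string_value);
-let s = cstr.to_string_lossy().into_owned();
-ParameterValue::String(s.into())
+unsafe {
+let cstr = CStr::from_ptr(var.string_value);
+let s = cstr.to_string_lossy().into_owned();
+ParameterValue::String(s.into())
+}
 } else if !var.byte_array_value.is_null() {
-let rcl_byte_array = &*var.byte_array_value;
-let slice = rcl_from_raw_parts(rcl_byte_array.values, rcl_byte_array.size);
-ParameterValue::ByteArray(slice.into())
+unsafe {
+let rcl_byte_array = &*var.byte_array_value;
+let slice = rcl_from_raw_parts(rcl_byte_array.values, rcl_byte_array.size);
+ParameterValue::ByteArray(slice.into())
+}
 } else if !var.bool_array_value.is_null() {
-let rcl_bool_array = &*var.bool_array_value;
-let slice = rcl_from_raw_parts(rcl_bool_array.values, rcl_bool_array.size);
-ParameterValue::BoolArray(slice.into())
+unsafe {
+let rcl_bool_array = &*var.bool_array_value;
+let slice = rcl_from_raw_parts(rcl_bool_array.values, rcl_bool_array.size);
+ParameterValue::BoolArray(slice.into())
+}
 } else if !var.integer_array_value.is_null() {
-let rcl_integer_array = &*var.integer_array_value;
-let slice = rcl_from_raw_parts(rcl_integer_array.values, rcl_integer_array.size);
-ParameterValue::IntegerArray(slice.into())
+unsafe {
+let rcl_integer_array = &*var.integer_array_value;
+let slice = rcl_from_raw_parts(rcl_integer_array.values, rcl_integer_array.size);
+ParameterValue::IntegerArray(slice.into())
+}
 } else if !var.double_array_value.is_null() {
-let rcl_double_array = &*var.double_array_value;
-let slice = rcl_from_raw_parts(rcl_double_array.values, rcl_double_array.size);
-ParameterValue::DoubleArray(slice.into())
+unsafe {
+let rcl_double_array = &*var.double_array_value;
+let slice = rcl_from_raw_parts(rcl_double_array.values, rcl_double_array.size);
+ParameterValue::DoubleArray(slice.into())
+}
 } else if !var.string_array_value.is_null() {
-let rcutils_string_array = &*var.string_array_value;
-let slice = rcl_from_raw_parts(rcutils_string_array.data, rcutils_string_array.size);
-let strings = slice
-.iter()
-.map(|&ptr| {
-debug_assert!(!ptr.is_null());
-let cstr = CStr::from_ptr(ptr);
-Arc::from(cstr.to_string_lossy())
-})
-.collect::<Vec<_>>();
-ParameterValue::StringArray(strings.into())
+unsafe {
+let rcutils_string_array = &*var.string_array_value;
+let slice = rcl_from_raw_parts(rcutils_string_array.data, rcutils_string_array.size);
+let strings = slice
+.iter()
+.map(|&ptr| {
+debug_assert!(!ptr.is_null());
+let cstr = CStr::from_ptr(ptr);
+Arc::from(cstr.to_string_lossy())
+})
+.collect::<Vec<_>>();
+ParameterValue::StringArray(strings.into())
+}
 } else {
 unreachable!()
 }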
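Review bot: In the `string_array_value` branch of the second hunk, the only null check on each element is `debug_assert!(!ptr.is_null())`, which is compiled out in release builds, so a null entry in `rcutils_string_array.data` would reach `CStr::from_ptr(ptr)` unchecked. Every other pointer in this chain is tested with a real `is_null()` branch before it is dereferenced, and the data apparently originates in a C structure, so I would make this one `assert!(!ptr.is_null());` or state in the function's safety contract that array entries must be non-null. The new blanket note at line 456 says why the blocks exist but not why each is sound; a short `// SAFETY:` line per block (pointer checked non-null in the branch condition, size read from the same struct) would make the audit trail explicit. The function body starts and ends outside these hunks.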
