rust: allow empty slices on empty memory (but ensure memory exists)

axic · axic · commit 1cfdc2c989d1 · 2021-02-11T19:33:41.000Z
diff --git a/bindings/rust/src/lib.rs b/bindings/rust/src/lib.rs
@@ -297,12 +297,13 @@ impl Instance {
     ) -> Result<core::ops::Range<usize>, ()> {
         // This should be safe given usize::BITS >= u32::BITS, see https://doc.rust-lang.org/std/primitive.usize.html.
         let offset = offset as usize;
+        let has_memory = unsafe { sys::fizzy_module_has_memory(self.get_module()) };
         let memory_size = self.memory_size();
         // Empty slices are allowed, but ensure both starting and ending offsets are valid.
-        if memory_size == 0 || offset.checked_add(size).is_none() || (offset + size) > memory_size {
+        if !has_memory || offset.checked_add(size).is_none() || (offset + size) > memory_size {
             return Err(());
         }
-        debug_assert!(memory_size != 0);
+        // Slices allow len=0, but data must be a valid pointer.
         debug_assert!(
             unsafe { sys::fizzy_get_instance_memory_data(self.0.as_ptr()) } != std::ptr::null_mut()
         );
@@ -888,8 +889,8 @@ mod tests {
 
         // If there is no memory, do not allow any slice.
         unsafe {
-            assert!(instance.checked_memory_slice(0, 0).is_err());
-            assert!(instance.checked_memory_slice_mut(0, 0).is_err());
+            assert!(instance.checked_memory_slice(0, 0).is_ok());
+            assert!(instance.checked_memory_slice_mut(0, 0).is_ok());
             assert!(instance.checked_memory_slice(0, 65536).is_err());
             assert!(instance.checked_memory_slice_mut(0, 65536).is_err());
             assert!(instance.checked_memory_slice(65535, 1).is_err());
@@ -903,13 +904,13 @@ mod tests {
         }
 
         // Set memory via safe helper.
-        assert!(instance.memory_set(0, &[]).is_err());
+        assert!(instance.memory_set(0, &[]).is_ok());
         assert!(instance.memory_set(0, &[0x11, 0x22]).is_err());
         // Get memory via safe helper.
         let mut dst: Vec<u8> = Vec::new();
         dst.resize(65536, 0);
         // Reading empty slice.
-        assert!(instance.memory_get(0, &mut dst[0..0]).is_err());
+        assert!(instance.memory_get(0, &mut dst[0..0]).is_ok());
         // Reading 65536 bytes.
         assert!(instance.memory_get(0, &mut dst).is_err());
     }
