seanmonstar/httparse

Unsound usages of unsafe implementation from smaller size to larger size

Closed this issue · 2 comments

Hi, I am scanning the httparse in the latest version with my own static analyzer tool.

Unsafe conversion found at: src/simd/sse42.rs:57:32: 57:47

```rust
let data = _mm_lddqu_si128(ptr as *const _);
```

This unsound implementation would create misalignment issues. If the `[u8]` size is smaller than the `i128`, it would potentially lead to an out-of-bounds access in memory.

This would potentially cause undefined behavior in Rust. If we further manipulate the problematic converted types, it would potentially lead to different consequences. I am reporting this issue for your attention.

Can you say more about what specifically is the issue? There's an assert at the beginning of the function that there are at least 16 bytes in the slice. And the place this function is called, the function above it, also checks there are at least 16 bytes.

I see, thanks for your reply. If there are assertions, there may not be any issue here.
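The length guard discussed in this thread, sketched as an added example; it is not httparse's code. `first_match_16` and `find_byte` are hypothetical names and the request line is constructed sample input. The 16-byte unaligned load is reachable only while at least 16 bytes remain, and any shorter tail goes through a scalar loop.

```rust
#[cfg(target_arch = "x86_64")]
use core::arch::x86_64::*;

/// Offset of the first byte equal to `needle` in the first 16 bytes of `buf`
/// (16 if none). Hypothetical helper, not taken from httparse.
///
/// Safety: the caller must ensure SSE3 is available; the length is checked here.
#[cfg(target_arch = "x86_64")]
#[target_feature(enable = "sse3")]
unsafe fn first_match_16(buf: &[u8], needle: u8) -> usize {
    // The load below reads exactly 16 bytes, so this check is what makes it sound.
    assert!(buf.len() >= 16);
    unsafe {
        // lddqu is an unaligned load: a byte pointer needs no 16-byte alignment.
        let data = _mm_lddqu_si128(buf.as_ptr() as *const __m128i);
        let eq = _mm_cmpeq_epi8(data, _mm_set1_epi8(needle as i8));
        let mask = _mm_movemask_epi8(eq) as u32;
        // Bit i set means byte i matched; bit 16 is forced so "no match" gives 16.
        (mask | 0x1_0000).trailing_zeros() as usize
    }
}

/// Safe entry point: SIMD over full 16-byte blocks, scalar over the tail.
pub fn find_byte(buf: &[u8], needle: u8) -> Option<usize> {
    let mut i = 0;
    #[cfg(target_arch = "x86_64")]
    {
        if is_x86_feature_detected!("sse3") {
            // The caller checks the remaining length too, before every call.
            while buf.len() - i >= 16 {
                let off = unsafe { first_match_16(&buf[i..], needle) };
                if off < 16 {
                    return Some(i + off);
                }
                i += 16;
            }
        }
    }
    // Fewer than 16 bytes remain (or no SIMD path): never read past the slice.
    buf[i..].iter().position(|&b| b == needle).map(|p| i + p)
}

fn main() {
    let req = b"GET /index.html HTTP/1.1\r\n"; // constructed sample input
    println!("first space at {:?}", find_byte(req, b' '));
    println!("first CR at {:?}", find_byte(req, b'\r'));
}
```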