signalapp/ringrtc

Several functions in src/rust/src/core/util.rs are not sound

Closed this issue · 2 comments

alex commented

Specifically:

  • get_object_from_cpp
  • get_arc_from_ptr
  • ArcPtr::new
  • get_object_ref_from_ptr
  • get_object_from_ptr

These functions all dereference a raw pointer, but are not marked unsafe. The result of this is that it is possible for callers of these functions to introduce memory unsafety by passing an invalid pointer, without introducing an unsafe block.

Functions which admit memory unsafety via misuses in Rust should always be unsafe fn.
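To illustrate the soundness point raised above, here is an added example (not ringrtc's code): a hypothetical `CallState` type, one raw-pointer accessor with the unsound safe signature beside its `unsafe fn` form with the contract in the signature, and an `Arc` round trip of the kind `get_arc_from_ptr` performs. All names are assumptions chosen for the illustration.

```rust
use std::sync::Arc;

/// Hypothetical payload handed across an FFI boundary (not a ringrtc type).
#[derive(Debug, PartialEq)]
pub struct CallState {
    pub id: u64,
}

/// UNSOUND: a safe fn that dereferences a raw pointer. Safe Rust may call it
/// with any integer cast to a pointer, so undefined behaviour is reachable
/// with no `unsafe` block anywhere in the caller. Shown only for contrast.
pub fn get_object_ref_unsound<'a>(ptr: *const CallState) -> &'a CallState {
    unsafe { &*ptr }
}

/// SOUND: same body, but the obligation is now part of the signature, so
/// every caller must write `unsafe` and can be audited at that site.
///
/// # Safety
/// `ptr` must be non-null, aligned, point to a live `CallState`, and that
/// object must outlive the returned reference.
pub unsafe fn get_object_ref<'a>(ptr: *const CallState) -> &'a CallState {
    &*ptr
}

/// Hands an `Arc` to a foreign caller as an opaque pointer (safe: no deref).
pub fn arc_into_ptr(state: Arc<CallState>) -> *const CallState {
    Arc::into_raw(state)
}

/// # Safety
/// `ptr` must come from `arc_into_ptr` and be passed here exactly once;
/// a second call on the same pointer would double-free the allocation.
pub unsafe fn get_arc_from_ptr(ptr: *const CallState) -> Arc<CallState> {
    Arc::from_raw(ptr)
}

/// A careful caller: each dereference sits in an `unsafe` block whose
/// SAFETY comment states why the contract holds at that site.
pub fn round_trip(id: u64) -> (u64, usize) {
    let state = Arc::new(CallState { id });
    let ptr = arc_into_ptr(Arc::clone(&state)); // strong count is now 2
    // SAFETY: `ptr` came from Arc::into_raw and `state` keeps it alive.
    let seen_id = unsafe { get_object_ref(ptr) }.id;
    // SAFETY: `ptr` is consumed exactly once here, balancing into_raw.
    drop(unsafe { get_arc_from_ptr(ptr) }); // strong count back to 1
    (seen_id, Arc::strong_count(&state))
}
```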

@alex Thanks for your review and feedback.

The issue you raise has been addressed in the current release, https://github.com/signalapp/ringrtc/releases/tag/v0.1.2.

alex commented

Awesome!