Problem:
The C API often takes mutable pointers when the API is logically const.
This results in a large number of unsafe casts in the Rust bindings. There are limited mechanisms to enforce that
This has already been discussed in #4140.
Part of resolving this will require s2n_stuffers to support read-only behaviors. We already have methods for this purpose, but they serve more as documentation than enforcement.
s2n-tls/stuffer/s2n_stuffer.h
Lines 195 to 196 in 9877437
Solution:
Any improvement is good. A solution does not have to be perfect to provide us with utility.
Correspondingly, s2n-tls should add runtime checks to the s2n_stuffer.
A bitflag writeable would be added to s2n_stuffer.
All methods that write to the data inside the stuffer would include a new check:
    RESULT_PRECONDITION(s2n_stuffer_is_writeable(s));
Standard stuffer initialization methods would set writeable to true. s2n_stuffer_init_ro_from_string would not set the writeable bit. This would make storing const data in s2n_stuffers much safer.
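A stand-alone model of the proposed check, added here as an illustration and not taken from s2n-tls. The demo_* struct and functions are hypothetical stand-ins for s2n_stuffer, a standard init method, s2n_stuffer_init_ro_from_string and a write method, and they return -1 where s2n-tls would use its own result macros.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for s2n_stuffer; all demo_* names are assumptions. */
struct demo_stuffer {
    uint8_t *data;
    size_t size;
    size_t write_cursor;
    unsigned int writeable : 1; /* the proposed bitflag */
};

/* Standard initialization: the caller's buffer is mutable, so set the flag. */
int demo_stuffer_init(struct demo_stuffer *s, uint8_t *buf, size_t size)
{
    if (s == NULL || buf == NULL) return -1;
    *s = (struct demo_stuffer){ .data = buf, .size = size, .writeable = 1 };
    return 0;
}

/* Read-only initialization over const data: the flag stays cleared. The one
 * const-dropping cast lives here, and the flag guards every write path. */
int demo_stuffer_init_ro(struct demo_stuffer *s, const char *str)
{
    if (s == NULL || str == NULL) return -1;
    size_t len = strlen(str);
    *s = (struct demo_stuffer){ .data = (uint8_t *)(uintptr_t)str, .size = len,
                                .write_cursor = len, .writeable = 0 };
    return 0;
}

bool demo_stuffer_is_writeable(const struct demo_stuffer *s)
{
    return s != NULL && s->writeable;
}

/* Write path: check the flag first, then bounds, then copy. */
int demo_stuffer_write_bytes(struct demo_stuffer *s, const uint8_t *in, size_t len)
{
    if (!demo_stuffer_is_writeable(s)) return -1; /* the new precondition */
    if (in == NULL || len > s->size - s->write_cursor) return -1;
    memcpy(s->data + s->write_cursor, in, len);
    s->write_cursor += len;
    return 0;
}
```

Because the flag is checked at the top of the write path, a stuffer wrapping const data rejects the write before any byte of the underlying buffer is touched.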