#[test] fn zeroize_check_zerosize_types() { // Since we assume these types have zero size, we test this holds for // the current version of Rust.
assert_eq!(size_of::<()>(), 0);
assert_eq!(size_of::<PhantomPinned>(), 0);
assert_eq!(size_of::<PhantomData<usize>>(), 0);
}
impl Drop for PanicOnNonZeroDrop { fn drop(&mutself) { ifself.0 != 0 {
panic!("dropped non-zeroized data");
}
}
}
// Ensure that the entire capacity of the vec is zeroized and that no unitinialized data // is ever interpreted as initialized letmut vec = vec![PanicOnNonZeroDrop(42); 2];
// convert the string to a vec to easily access the unused capacity letmut as_vec = string.into_bytes(); unsafe { as_vec.set_len(as_vec.capacity()) };
assert!(as_vec.iter().all(|byte| *byte == 0));
}
// TODO(tarcieri): debug flaky test (with potential UB?) See: RustCrypto/utils#774 #[cfg(feature = "std")] #[ignore] #[test] fn zeroize_c_string() { letmut cstring = CString::new("Hello, world!").expect("CString::new failed"); let orig_len = cstring.as_bytes().len(); let orig_ptr = cstring.as_bytes().as_ptr();
cstring.zeroize(); // This doesn't quite test that the original memory has been cleared, but only that // cstring now owns an empty buffer
assert!(cstring.as_bytes().is_empty()); for i in0..orig_len { unsafe { // Using a simple deref, only one iteration of the loop is performed // presumably because after zeroize, the internal buffer has a length of one/ // `read_volatile` seems to "fix" this // Note that this is very likely UB
assert_eq!(orig_ptr.add(i).read_volatile(), 0);
}
}
}
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.