Improve Rust implementation

- Move mmap_file implementation into Rust - Introduce Utf8CStr as the better c-string type to use
2025-12-11 22:12:27 +00:00 · 2023-06-12 01:07:43 -07:00
parent 866386e21f
commit 23c1f0111b
9 changed files with 352 additions and 118 deletions
--- a/native/src/base/misc.rs
+++ b/native/src/base/misc.rs
@@ -1,9 +1,12 @@
 use std::cmp::min;
-use std::ffi::CStr;
-use std::fmt::{Arguments, Debug};
+use std::ffi::{CStr, FromBytesWithNulError, OsStr};
+use std::fmt::{Arguments, Debug, Display, Formatter};
+use std::ops::Deref;
+use std::path::Path;
 use std::str::Utf8Error;
-use std::{fmt, slice};
+use std::{fmt, io, slice, str};

+use libc::c_char;
 use thiserror::Error;

 pub fn copy_str<T: AsRef<[u8]>>(dest: &mut [u8], src: T) -> usize {
@@ -96,14 +99,120 @@ macro_rules! raw_cstr {
 #[derive(Debug, Error)]
 pub enum StrErr {
    #[error(transparent)]
-    Invalid(#[from] Utf8Error),
+    Utf8Error(#[from] Utf8Error),
+    #[error(transparent)]
+    CStrError(#[from] FromBytesWithNulError),
    #[error("argument is null")]
-    NullPointer,
+    NullPointerError,
+}
+
+// The better CStr: UTF-8 validated + null terminated buffer
+pub struct Utf8CStr {
+    inner: [u8],
+}
+
+impl Utf8CStr {
+    pub fn from_cstr(cstr: &CStr) -> Result<&Utf8CStr, StrErr> {
+        // Validate the buffer during construction
+        str::from_utf8(cstr.to_bytes())?;
+        Ok(unsafe { Self::from_bytes_unchecked(cstr.to_bytes_with_nul()) })
+    }
+
+    pub fn from_bytes(buf: &[u8]) -> Result<&Utf8CStr, StrErr> {
+        Self::from_cstr(CStr::from_bytes_with_nul(buf)?)
+    }
+
+    pub fn from_string(s: &mut String) -> &Utf8CStr {
+        if s.capacity() == s.len() {
+            s.reserve(1);
+        }
+        // SAFETY: the string is reserved to have enough capacity to fit in the null byte
+        // SAFETY: the null byte is explicitly added outside of the string's length
+        unsafe {
+            let buf = slice::from_raw_parts_mut(s.as_mut_ptr(), s.len() + 1);
+            *buf.get_unchecked_mut(s.len()) = b'\0';
+            Self::from_bytes_unchecked(buf)
+        }
+    }
+
+    pub unsafe fn from_bytes_unchecked(buf: &[u8]) -> &Utf8CStr {
+        &*(buf as *const [u8] as *const Utf8CStr)
+    }
+
+    pub unsafe fn from_ptr<'a>(ptr: *const c_char) -> Result<&'a Utf8CStr, StrErr> {
+        if ptr.is_null() {
+            return Err(StrErr::NullPointerError);
+        }
+        Self::from_cstr(unsafe { CStr::from_ptr(ptr) })
+    }
+
+    pub fn as_bytes(&self) -> &[u8] {
+        // The length of the slice is at least 1 due to null termination check
+        unsafe { self.inner.get_unchecked(..self.inner.len() - 1) }
+    }
+
+    pub fn as_bytes_with_nul(&self) -> &[u8] {
+        &self.inner
+    }
+
+    pub fn as_ptr(&self) -> *const c_char {
+        self.inner.as_ptr().cast()
+    }
+}
+
+impl Deref for Utf8CStr {
+    type Target = str;
+
+    fn deref(&self) -> &str {
+        self.as_ref()
+    }
+}
+
+impl Display for Utf8CStr {
+    fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
+        Display::fmt(self.deref(), f)
+    }
+}
+
+impl Debug for Utf8CStr {
+    fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
+        Debug::fmt(self.deref(), f)
+    }
+}
+
+impl AsRef<CStr> for Utf8CStr {
+    #[inline]
+    fn as_ref(&self) -> &CStr {
+        // SAFETY: Already validated as null terminated during construction
+        unsafe { CStr::from_bytes_with_nul_unchecked(&self.inner) }
+    }
+}
+
+impl AsRef<str> for Utf8CStr {
+    #[inline]
+    fn as_ref(&self) -> &str {
+        // SAFETY: Already UTF-8 validated during construction
+        unsafe { str::from_utf8_unchecked(self.as_bytes()) }
+    }
+}
+
+impl AsRef<OsStr> for Utf8CStr {
+    #[inline]
+    fn as_ref(&self) -> &OsStr {
+        OsStr::new(self)
+    }
+}
+
+impl AsRef<Path> for Utf8CStr {
+    #[inline]
+    fn as_ref(&self) -> &Path {
+        Path::new(self)
+    }
 }

 pub fn ptr_to_str_result<'a, T>(ptr: *const T) -> Result<&'a str, StrErr> {
    if ptr.is_null() {
-        Err(StrErr::NullPointer)
+        Err(StrErr::NullPointerError)
    } else {
        unsafe { CStr::from_ptr(ptr.cast()) }
            .to_str()
@@ -167,3 +276,38 @@ pub trait FlatData {
        }
    }
 }
+
+// Check libc return value and map errors to Result
+pub trait LibcReturn: Copy {
+    fn is_error(&self) -> bool;
+    fn check_os_err(self) -> io::Result<Self> {
+        if self.is_error() {
+            return Err(io::Error::last_os_error());
+        }
+        Ok(self)
+    }
+}
+
+impl LibcReturn for i32 {
+    fn is_error(&self) -> bool {
+        *self < 0
+    }
+}
+
+impl LibcReturn for isize {
+    fn is_error(&self) -> bool {
+        *self < 0
+    }
+}
+
+impl<T> LibcReturn for *const T {
+    fn is_error(&self) -> bool {
+        self.is_null()
+    }
+}
+
+impl<T> LibcReturn for *mut T {
+    fn is_error(&self) -> bool {
+        self.is_null()
+    }
+}