Closed overlookmotel closed 1 month ago
CI fails are I believe caused by tests/fuzz which are breaking the safety constraint of utf8_unchecked. If intention is to merge this, those tests should be removed/adapted.
I've fixed the proptest, but I don't know how to alter the fuzzer.
Sorry for the delay here @overlookmotel, and thank you for the PR!
This is a very good point, I would like to add more documentation explaining what might occur if the user does not provide valid UTF-8. This PR has sat open for long enough though, I'll merge as-is and add the docs myself :)
No worries at all. Open source! Everyone is busy... appreciate you merging.
This PR removes the following code from Repr::from_utf8_unchecked: https://github.com/ParkMyCar/compact_str/blob/d4798639c24cacf528770d83e8842336b79fbc39/compact_str/src/repr/mod.rs#L126-L137
In my opinion, this code should be removed for 2 reasons:
from_utf8_unchecked that buf is the bytes of a valid UTF8 string. This check penalizes users who follow the safety contract (which everyone should), in order to support users who don't (and therefore have opted in to UB).
buf ends with the first byte of a multi-byte Unicode character, for example calling .as_str().chars().collect::<Vec<char>>() on the resulting CompactString will cause an out of bounds read.
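
The safety contract described in the PR text above can be enforced on the caller's side before bytes reach any unchecked constructor. The following is an added example, not code from compact_str or from this PR: it uses only the standard library's `std::str::from_utf8`, the names `check_utf8`, `announced_len` and `validated_str` are hypothetical, and the sample buffers are constructed. It separates the case the PR text mentions (a buffer that ends partway through a multi-byte character) from other invalid input.

```rust
use std::str;

#[derive(Debug, PartialEq)]
enum Utf8Check {
    Valid, // the from_utf8_unchecked contract holds for this buffer
    TruncatedTail { valid_up_to: usize, have: usize, need: usize },
    Invalid { at: usize },
}

// Total sequence length a lead byte announces (0 = not a valid lead byte).
fn announced_len(lead: u8) -> usize {
    match lead {
        0x00..=0x7F => 1,
        0xC2..=0xDF => 2,
        0xE0..=0xEF => 3,
        0xF0..=0xF4 => 4,
        _ => 0,
    }
}

fn check_utf8(buf: &[u8]) -> Utf8Check {
    let e = match str::from_utf8(buf) {
        Ok(_) => return Utf8Check::Valid,
        Err(e) => e,
    };
    let at = e.valid_up_to();
    match e.error_len() {
        // None: the input ended in the middle of a character.
        None => Utf8Check::TruncatedTail { valid_up_to: at, have: buf.len() - at, need: announced_len(buf[at]) },
        // Some(_): a byte sequence that is invalid wherever it appears.
        Some(_) => Utf8Check::Invalid { at },
    }
}

// Gate for untrusted bytes: the unchecked conversion runs only after validation.
fn validated_str(buf: &[u8]) -> Option<&str> {
    match check_utf8(buf) {
        // SAFETY: check_utf8 returned Valid, so buf is valid UTF-8.
        Utf8Check::Valid => Some(unsafe { str::from_utf8_unchecked(buf) }),
        _ => None,
    }
}

fn main() {
    // Constructed inputs: valid, two truncated tails, one invalid byte.
    let samples: [&[u8]; 4] = [b"abc", b"ab\xE2", b"ab\xE2\x82", b"a\xFFb"];
    for buf in samples {
        println!("{:?} -> {:?} / {:?}", buf, check_utf8(buf), validated_str(buf));
    }
}
```
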