Open Arnavion opened 7 months ago
Yeah, that's just not a good API. I don't think an assert is the best. Maybe debug_assert
. But at least it should return an error if their lengths don't match.
But really, the function should take them as pairs, like:
pub fn subscribe_many<T: AsRef<str>>(&self, topics_qos: &[(T, i32)]) -> SubscribeManyToken { ... }
Right? Maybe at the next breaking change update?
Although, 90% of the time that I use this function, I give all the topics the same QoS. So perhaps a version that takes multiple topics bust just one QoS value:
pub fn subscribe_many<T: AsRef<str>>(&self, topics: &[T], qos: i32) -> SubscribeManyToken { ... }
https://github.com/eclipse/paho.mqtt.rust/blob/cf953b937eaa66c436e746dcfde98d2bf61b36ac/src/async_client.rs#L878-L896
The Rust code passes in
topics.len()
as thecount
parameter ofMQTTAsync_subscribeMany
, which then assumes thatqos
also has the same number of elements. If the caller passes in a smaller slice ofqos
, then the C library will read past the end of the slice.Since the function is infallible, you could at least add an assert like: