core::Pool implements a slab pool. (The actual implementation is in core::PoolImpl.)

It already has one memory safety measure: poisoning. It fills memory with a specific pattern before returning it to the user and after it is returned to the pool.

It would be nice to add two more safety checks:

- [x] boundary (canary) guard:
  - internally, make the slot bigger; insert guard areas before and after the slot's memory intended for the user
  - when we return memory to the user, fill the guard areas with some pattern
  - when the user returns memory to the pool, check that the guard areas are still filled with the same pattern; if not, issue a panic (it means the user has a buffer overflow bug)
  - (the pattern for memory guards should be handled by core::PoisonOps; we should add a new pattern for guard areas)
- [x] ownership guard:
  - in addition to the memory guard, insert an ownership field before the slot's memory; it is just a pointer to the pool that owns the slot
  - when we return memory to the user, set the pointer to the owning pool
  - when the user returns memory to the pool, check that we are the owning pool; if not, issue a panic (it means the user is trying to return memory to the wrong pool or passed an invalid pointer)
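Both checks together, as an added C example that is not the project's code: a fixed-size slab pool whose slots carry a hidden owner pointer plus front and rear canaries, checked when a slot comes back. The slot sizes, the 0xA5 guard byte and the `demo` scenarios are assumptions; the free path returns an error code where core::Pool would panic.

```c
#include <stddef.h>
#include <string.h>
#define NSLOTS     4
#define SLOT_SIZE  32     /* bytes the user is allowed to touch */
#define GUARD_SIZE 8      /* canary bytes before and after the user area */
#define GUARD_BYTE 0xA5   /* constructed guard pattern; the project would take it from PoisonOps */
enum { POOL_OK = 0, POOL_ERR_OWNER = -1, POOL_ERR_GUARD = -2 };
struct pool;
struct slot_hdr {               /* hidden prefix of every slot: [owner][front guard] */
    struct pool *owner;         /* ownership guard: the pool that handed the slot out */
    unsigned char front[GUARD_SIZE];
};
#define STRIDE (sizeof(struct slot_hdr) + SLOT_SIZE + GUARD_SIZE)
struct pool {
    _Alignas(16) unsigned char mem[NSLOTS * STRIDE];   /* slots: hdr | user | rear guard */
    int used[NSLOTS];
};
static void *pool_alloc(struct pool *p) {
    for (int i = 0; i < NSLOTS; i++) {
        if (p->used[i]) continue;
        struct slot_hdr *h = (struct slot_hdr *)(p->mem + i * STRIDE);
        unsigned char *user = (unsigned char *)(h + 1);
        p->used[i] = 1;
        h->owner = p;                                  /* record the owner on hand-out */
        memset(h->front, GUARD_BYTE, GUARD_SIZE);      /* arm both canaries */
        memset(user + SLOT_SIZE, GUARD_BYTE, GUARD_SIZE);
        return user;
    }
    return NULL;
}
static int guard_intact(const unsigned char *g) {
    for (size_t i = 0; i < GUARD_SIZE; i++) if (g[i] != GUARD_BYTE) return 0;
    return 1;
}
/* Returns an error code where the design above would panic. */
static int pool_free(struct pool *p, void *ptr) {
    struct slot_hdr *h = (struct slot_hdr *)ptr - 1;
    unsigned char *user = ptr;
    if (h->owner != p) return POOL_ERR_OWNER;          /* wrong pool, stale or bogus pointer */
    if (!guard_intact(h->front) || !guard_intact(user + SLOT_SIZE))
        return POOL_ERR_GUARD;                         /* an under- or overflow clobbered a canary */
    p->used[((unsigned char *)h - p->mem) / STRIDE] = 0;
    h->owner = NULL;                                   /* a second free now fails the owner check */
    return POOL_OK;
}
/* Constructed scenarios: 0 clean free, 1 off-by-one overflow, 2 wrong pool, 3 double free. */
static int demo(int scenario) {
    struct pool a = {0}, b = {0};
    unsigned char *u = pool_alloc(&a);
    if (scenario == 1) memset(u, 'A', SLOT_SIZE + 1);  /* one byte too many lands in the rear guard */
    if (scenario == 2) return pool_free(&b, u);        /* b never handed this slot out */
    if (scenario == 3 && pool_free(&a, u) != POOL_OK) return 99;
    return pool_free(&a, u);
}
```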