VRFrameData::from_bytes is unsound

servo / rust-webvr

UNMAINTAINED - WebVR API implementation for servo.

Mozilla Public License 2.0

106 stars 23 forks source link

VRFrameData::from_bytes is unsound #19

Open nox opened 6 years ago

nox commented 6 years ago

This method builds a VRPose (for the pose field) out of a slice of bytes, but the VRPose struct contains Option<f64> types which don't have a specified layout and most importantly for which not all [u8] slices represent a valid value. VRPose::from_bytes should be unsafe.

https://github.com/MortimerGoro/rust-webvr/blob/cab969ee734908ebaac7667bbd4cd903e2135dd5/rust-webvr-api/src/vr_frame_data.rs#L54

MortimerGoro commented 6 years ago

Using the slice of bytes was a design decision to decouple Webrender and the WebVR implementation. This allowed for a quicker pull request cycle and avoided dependency version conflicts.

Now that WebGL/WebVR are not included in Webrender we can remove the byte slice conversions and use standard serde serialization.