summaryrefslogtreecommitdiffstats
path: root/third_party/rust/getrandom/src/hermit.rs
diff options
context:
space:
mode:
Diffstat (limited to 'third_party/rust/getrandom/src/hermit.rs')
-rw-r--r--third_party/rust/getrandom/src/hermit.rs24
1 files changed, 16 insertions, 8 deletions
diff --git a/third_party/rust/getrandom/src/hermit.rs b/third_party/rust/getrandom/src/hermit.rs
index 570b03d9a5..c4f619417e 100644
--- a/third_party/rust/getrandom/src/hermit.rs
+++ b/third_party/rust/getrandom/src/hermit.rs
@@ -1,5 +1,11 @@
+//! Implementation for Hermit
use crate::Error;
-use core::{cmp::min, mem::MaybeUninit, num::NonZeroU32};
+use core::{mem::MaybeUninit, num::NonZeroU32};
+
+/// Minimum return value which we should get from syscalls in practice,
+/// because Hermit uses positive `i32`s for error codes:
+/// https://github.com/hermitcore/libhermit-rs/blob/main/src/errno.rs
+const MIN_RET_CODE: isize = -(i32::MAX as isize);
extern "C" {
fn sys_read_entropy(buffer: *mut u8, length: usize, flags: u32) -> isize;
@@ -8,14 +14,16 @@ extern "C" {
pub fn getrandom_inner(mut dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
while !dest.is_empty() {
let res = unsafe { sys_read_entropy(dest.as_mut_ptr() as *mut u8, dest.len(), 0) };
- if res < 0 {
- // SAFETY: all Hermit error codes use i32 under the hood:
- // https://github.com/hermitcore/libhermit-rs/blob/master/src/errno.rs
- let code = unsafe { NonZeroU32::new_unchecked((-res) as u32) };
- return Err(code.into());
+ // Positive `isize`s can be safely casted to `usize`
+ if res > 0 && (res as usize) <= dest.len() {
+ dest = &mut dest[res as usize..];
+ } else {
+ let err = match res {
+ MIN_RET_CODE..=-1 => NonZeroU32::new(-res as u32).unwrap().into(),
+ _ => Error::UNEXPECTED,
+ };
+ return Err(err);
}
- let len = min(res as usize, dest.len());
- dest = &mut dest[len..];
}
Ok(())
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-22 22:40:11 +0000