3 files changed, 20 insertions, 51 deletions

diff --git a/vendor/semver/src/backport.rs b/vendor/semver/src/backport.rs
index 4b67f56a5..b5e1d02be 100644
--- a/vendor/semver/src/backport.rs
+++ b/vendor/semver/src/backport.rs
@@ -18,43 +18,6 @@ pub(crate) use crate::alloc::vec::Vec;
 
 #[cfg(no_alloc_crate)] // rustc <1.36
 pub(crate) mod alloc {
+    pub use std::alloc;
     pub use std::vec;
-
-    pub mod alloc {
-        use std::mem;
-        use std::process;
-
-        #[derive(Copy, Clone)]
-        pub struct Layout {
-            size: usize,
-        }
-
-        impl Layout {
-            pub unsafe fn from_size_align_unchecked(size: usize, align: usize) -> Self {
-                assert_eq!(align, 2);
-                Layout { size }
-            }
-        }
-
-        pub unsafe fn alloc(layout: Layout) -> *mut u8 {
-            let len_u16 = (layout.size + 1) / 2;
-            let mut vec = Vec::new();
-            vec.reserve_exact(len_u16);
-            let ptr: *mut u16 = vec.as_mut_ptr();
-            mem::forget(vec);
-            ptr as *mut u8
-        }
-
-        pub unsafe fn dealloc(ptr: *mut u8, layout: Layout) {
-            let len_u16 = (layout.size + 1) / 2;
-            unsafe { Vec::from_raw_parts(ptr as *mut u16, 0, len_u16) };
-        }
-
-        pub fn handle_alloc_error(_layout: Layout) -> ! {
-            // This is unreachable because the alloc implementation above never
-            // returns null; Vec::reserve_exact would already have called std's
-            // internal handle_alloc_error.
-            process::abort();
-        }
-    }
 }
diff --git a/vendor/semver/src/identifier.rs b/vendor/semver/src/identifier.rs
index fbe1df020..0273ae62a 100644
--- a/vendor/semver/src/identifier.rs
+++ b/vendor/semver/src/identifier.rs
@@ -67,11 +67,13 @@
 // allows size_of::<Version>() == size_of::<Option<Version>>().
 
 use crate::alloc::alloc::{alloc, dealloc, handle_alloc_error, Layout};
+use core::isize;
 use core::mem;
 use core::num::{NonZeroU64, NonZeroUsize};
 use core::ptr::{self, NonNull};
 use core::slice;
 use core::str;
+use core::usize;
 
 const PTR_BYTES: usize = mem::size_of::<NonNull<u8>>();
 
@@ -103,6 +105,7 @@ impl Identifier {
     // SAFETY: string must be ASCII and not contain \0 bytes.
     pub(crate) unsafe fn new_unchecked(string: &str) -> Self {
         let len = string.len();
+        debug_assert!(len <= isize::MAX as usize);
         match len as u64 {
             0 => Self::empty(),
             1..=8 => {
@@ -118,8 +121,21 @@ impl Identifier {
                 // SAFETY: len is in a range that does not contain 0.
                 let size = bytes_for_varint(unsafe { NonZeroUsize::new_unchecked(len) }) + len;
                 let align = 2;
+                // On 32-bit and 16-bit architecture, check for size overflowing
+                // isize::MAX. Making an allocation request bigger than this to
+                // the allocator is considered UB. All allocations (including
+                // static ones) are limited to isize::MAX so we're guaranteed
+                // len <= isize::MAX, and we know bytes_for_varint(len) <= 5
+                // because 128**5 > isize::MAX, which means the only problem
+                // that can arise is when isize::MAX - 5 <= len <= isize::MAX.
+                // This is pretty much guaranteed to be malicious input so we
+                // don't need to care about returning a good error message.
+                if mem::size_of::<usize>() < 8 {
+                    let max_alloc = usize::MAX / 2 - align;
+                    assert!(size <= max_alloc);
+                }
                 // SAFETY: align is not zero, align is a power of two, and
-                // rounding size up to align does not overflow usize::MAX.
+                // rounding size up to align does not overflow isize::MAX.
                 let layout = unsafe { Layout::from_size_align_unchecked(size, align) };
                 // SAFETY: layout's size is nonzero.
                 let ptr = unsafe { alloc(layout) };
@@ -200,7 +216,7 @@ impl Clone for Identifier {
             let size = bytes_for_varint(len) + len.get();
             let align = 2;
             // SAFETY: align is not zero, align is a power of two, and rounding
-            // size up to align does not overflow usize::MAX. This is just
+            // size up to align does not overflow isize::MAX. This is just
             // duplicating a previous allocation where all of these guarantees
             // were already made.
             let layout = unsafe { Layout::from_size_align_unchecked(size, align) };
diff --git a/vendor/semver/src/lib.rs b/vendor/semver/src/lib.rs
index ca4d1119c..32ed96d1c 100644
--- a/vendor/semver/src/lib.rs
+++ b/vendor/semver/src/lib.rs
@@ -60,7 +60,7 @@
 //!
 //! [Specifying Dependencies]: https://doc.rust-lang.org/cargo/reference/specifying-dependencies.html
 
-#![doc(html_root_url = "https://docs.rs/semver/1.0.14")]
+#![doc(html_root_url = "https://docs.rs/semver/1.0.16")]
 #![cfg_attr(doc_cfg, feature(doc_cfg))]
 #![cfg_attr(all(not(feature = "std"), not(no_alloc_crate)), no_std)]
 #![cfg_attr(not(no_unsafe_op_in_unsafe_fn_lint), deny(unsafe_op_in_unsafe_fn))]
@@ -497,11 +497,6 @@ impl Comparator {
 }
 
 impl Prerelease {
-    // Work around https://github.com/rust-lang/rust/issues/97933
-    #[cfg(all(doc, semver_rustdoc_workaround))]
-    pub const EMPTY: Self = "";
-
-    #[cfg(not(all(doc, semver_rustdoc_workaround)))]
     pub const EMPTY: Self = Prerelease {
         identifier: Identifier::empty(),
     };
@@ -520,11 +515,6 @@ impl Prerelease {
 }
 
 impl BuildMetadata {
-    // Work around https://github.com/rust-lang/rust/issues/97933
-    #[cfg(all(doc, semver_rustdoc_workaround))]
-    pub const EMPTY: Self = "";
-
-    #[cfg(not(all(doc, semver_rustdoc_workaround)))]
     pub const EMPTY: Self = BuildMetadata {
         identifier: Identifier::empty(),
     };