blob: 31355fbb7b666c1117bb46eebb896c06df649d61 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
### What it does
Checks for public functions that dereference raw pointer
arguments but are not marked `unsafe`.
### Why is this bad?
The function should probably be marked `unsafe`, since
for an arbitrary raw pointer, there is no way of telling for sure if it is
valid.
### Known problems
* It does not check functions recursively so if the pointer is passed to a
private non-`unsafe` function which does the dereferencing, the lint won't
trigger.
* It only checks for arguments whose type are raw pointers, not raw pointers
got from an argument in some other way (`fn foo(bar: &[*const u8])` or
`some_argument.get_raw_ptr()`).
### Example
```
pub fn foo(x: *const u8) {
println!("{}", unsafe { *x });
}
```
Use instead:
```
pub unsafe fn foo(x: *const u8) {
println!("{}", unsafe { *x });
}
```
|