Opened 2 years ago

#28079 new enhancement

Stop returning the empty string when the cstr! macro fails

Reported by: teor Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: rust
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Split off #28077:

from_bytes_with_nul returns an error if there is more than one nul byte in the string.
Returning an empty string could be a source of subtle bugs.

Misuse is extremely unlikely to slip in since this is only used on string literals. But yeah, the ideal solution would be statically asserting at compile-time that the passed literal has no NUL bytes in it, so the only one is the byte being appended.

But defaulting to an empty string(in a case that is basically impossible to get) is the intentional documented behavior of the macro ever since it was first merged in #25185. Improving on that seems like a separate ticket.

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.