
Commit ab26d5a

committed
reword a safety comment
1 parent 41afb3d commit ab26d5a


1 file changed

+20
-22
lines changed


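--- a/libz-rs-sys/src/gz.rs
+++ b/libz-rs-sys/src/gz.rs
@@ -107,32 +107,30 @@ impl GzState {
 Ok((exclusive, cloexec))
 }
 
-// Compute the number of bytes of input buffered in `self`.
-//
-// # Safety
-//
-// Either
-// - `state.next_in` points into the buffer that starts at `state.input`, or
-// - `state.input` is null.
-//
-// It is almost always the case that one of those two conditions is true
-// inside this module. The notable exception is in a specific block within
-// `gz_write`, where we temporarily set `state.next_in` to point to a
-// caller-supplied bufferto do a zero-copy optimization when compressing
-// large inputs.
+/// Compute the number of bytes of input buffered in `self`.
+///
+/// # Safety
+///
+/// Either
+/// - `state.input` is null.
+/// - `state.stream.next_in .. state.stream.next_in + state.stream.avail_in`
+/// is contained in `state.input .. state.input + state.in_size`.
+///
+/// It is almost always the case that one of those two conditions is true
+/// inside this module. The notable exception is in a specific block within
+/// `gz_write`, where we temporarily set `state.next_in` to point to a
+/// caller-supplied buffer to do a zero-copy optimization when compressing
+/// large inputs.
 unsafe fn input_len(&self) -> usize {
 if self.input.is_null() {
 return 0;
 }
-// Safety: As long as the caller has verified that `stream.next_in` points inside
-// the buffer that starts at `input`, `stream.next_in + stream.avail_in` will be within
-// that buffer too.
-(unsafe {
-self.stream
-.next_in
-.add(self.stream.avail_in as usize)
-.offset_from(self.input)
-}) as _
+
+// Safety: `next_in .. next_in + avail_in` is a subslice, so the preconditions hold.
+let end = unsafe { self.stream.next_in.add(self.stream.avail_in as usize) };
+
+// Safety: the caller guarantees that the input slice of `stream` is a subslice of `input`.
+(unsafe { end.offset_from(self.input) }) as _
 }
 }
 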
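Review bot: The first `// Safety:` comment in `input_len` says the range "is a subslice" without saying of what, and unlike the second comment it does not tie the claim to the caller's contract. The `add` stays in bounds only because the documented precondition holds, so wording such as `// Safety: the caller guarantees next_in .. next_in + avail_in lies within the input buffer, so add stays in bounds.` would be more accurate. The doc comment's closing paragraph also still names `state.next_in` where the new bullets say `state.stream.next_in`. Because the `isize` from `offset_from` is cast with `as _`, a call that breaks the contract (for instance during the `gz_write` zero-copy window the doc mentions) would presumably yield a very large length instead of failing visibly; binding the result to a local and adding `debug_assert!(len >= 0);` before the cast would catch that in test builds. The `impl GzState` block starts before this hunk.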