add some missing unsafe

2025-07-28 03:27:44 +00:00 · 2025-03-08 15:36:51 +01:00 · 2025-03-08 15:36:51 +01:00 · b4ac10769d
commit b4ac10769d
parent 85c5d39fd7
12 changed files with 61 additions and 49 deletions
--- a/fuzz/fuzz_targets/fuzz_expr.rs
+++ b/fuzz/fuzz_targets/fuzz_expr.rs
@ -69,7 +69,9 @@ fuzz_target!(|_data: &[u8]| {
    // Use C locale to avoid false positives, like in https://github.com/uutils/coreutils/issues/5378,
    // because uutils expr doesn't support localization yet
    // TODO remove once uutils expr supports localization
-    env::set_var("LC_COLLATE", "C");
+    unsafe {
        env::set_var("LC_COLLATE", "C");
    }
    let rust_result = generate_and_run_uumain(&args, uumain, None);
    let gnu_result = match run_gnu_cmd(CMD_PATH, &args[1..], false, None) {
--- a/fuzz/fuzz_targets/fuzz_printf.rs
+++ b/fuzz/fuzz_targets/fuzz_printf.rs
@ -84,7 +84,9 @@ fuzz_target!(|_data: &[u8]| {
    let rust_result = generate_and_run_uumain(&args, uumain, None);
    // TODO remove once uutils printf supports localization
-    env::set_var("LC_ALL", "C");
+    unsafe {
        env::set_var("LC_ALL", "C");
    }
    let gnu_result = match run_gnu_cmd(CMD_PATH, &args[1..], false, None) {
        Ok(result) => result,
        Err(error_result) => {
--- a/fuzz/fuzz_targets/fuzz_sort.rs
+++ b/fuzz/fuzz_targets/fuzz_sort.rs
@ -60,7 +60,9 @@ fuzz_target!(|_data: &[u8]| {
    let rust_result = generate_and_run_uumain(&args, uumain, Some(&input_lines));
    // TODO remove once uutils sort supports localization
-    env::set_var("LC_ALL", "C");
+    unsafe {
        env::set_var("LC_ALL", "C");
    }
    let gnu_result = match run_gnu_cmd(CMD_PATH, &args[1..], false, Some(&input_lines)) {
        Ok(result) => result,
        Err(error_result) => {
--- a/src/uu/df/src/blocks.rs
+++ b/src/uu/df/src/blocks.rs
@ -294,8 +294,8 @@ mod tests {
    #[test]
    fn test_default_block_size() {
        assert_eq!(BlockSize::Bytes(1024), BlockSize::default());
-        env::set_var("POSIXLY_CORRECT", "1");
+        unsafe { env::set_var("POSIXLY_CORRECT", "1") };
        assert_eq!(BlockSize::Bytes(512), BlockSize::default());
-        env::remove_var("POSIXLY_CORRECT");
+        unsafe { env::remove_var("POSIXLY_CORRECT") };
    }
 }
--- a/src/uu/env/src/env.rs
+++ b/src/uu/env/src/env.rs
@ -743,7 +743,7 @@ mod tests {
    #[test]
    fn test_split_string_environment_vars_test() {
-        std::env::set_var("FOO", "BAR");
+        unsafe { std::env::set_var("FOO", "BAR") };
        assert_eq!(
            NCvt::convert(vec!["FOO=bar", "sh", "-c", "echo xBARx =$FOO="]),
            parse_args_from_str(&NCvt::convert(r#"FOO=bar sh -c "echo x${FOO}x =\$FOO=""#))
--- a/src/uu/id/src/id.rs
+++ b/src/uu/id/src/id.rs
@ -660,7 +660,7 @@ mod audit {
    }
    pub type c_auditinfo_addr_t = c_auditinfo_addr;
-    extern "C" {
+    unsafe extern "C" {
        pub fn getaudit(auditinfo_addr: *mut c_auditinfo_addr_t) -> c_int;
    }
 }
--- a/src/uu/nohup/src/nohup.rs
+++ b/src/uu/nohup/src/nohup.rs
@ -177,7 +177,7 @@ fn find_stdout() -> UResult<File> {
 }
 #[cfg(target_vendor = "apple")]
-extern "C" {
+unsafe extern "C" {
    fn _vprocmgr_detach_from_console(flags: u32) -> *const libc::c_int;
 }
--- a/src/uu/stdbuf/src/libstdbuf/src/libstdbuf.rs
+++ b/src/uu/stdbuf/src/libstdbuf/src/libstdbuf.rs
@ -67,12 +67,12 @@ fn set_buffer(stream: *mut FILE, value: &str) {
 #[unsafe(no_mangle)]
 pub unsafe extern "C" fn __stdbuf() {
    if let Ok(val) = env::var("_STDBUF_E") {
-        set_buffer(__stdbuf_get_stderr(), &val);
+        set_buffer(unsafe { __stdbuf_get_stderr() }, &val);
    }
    if let Ok(val) = env::var("_STDBUF_I") {
-        set_buffer(__stdbuf_get_stdin(), &val);
+        set_buffer(unsafe { __stdbuf_get_stdin() }, &val);
    }
    if let Ok(val) = env::var("_STDBUF_O") {
-        set_buffer(__stdbuf_get_stdout(), &val);
+        set_buffer(unsafe { __stdbuf_get_stdout() }, &val);
    }
 }
--- a/src/uu/sync/src/sync.rs
+++ b/src/uu/sync/src/sync.rs
@ -43,8 +43,10 @@ mod platform {
        // see https://github.com/rust-lang/libc/pull/2161
        #[cfg(target_os = "android")]
        libc::syscall(libc::SYS_sync);
-        #[cfg(not(target_os = "android"))]
+        unsafe {
-        libc::sync();
+            #[cfg(not(target_os = "android"))]
            libc::sync()
        };
        Ok(())
    }
@ -55,7 +57,7 @@ mod platform {
        for path in files {
            let f = File::open(path).unwrap();
            let fd = f.as_raw_fd();
-            libc::syscall(libc::SYS_syncfs, fd);
+            unsafe { libc::syscall(libc::SYS_syncfs, fd) };
        }
        Ok(())
    }
@ -67,7 +69,7 @@ mod platform {
        for path in files {
            let f = File::open(path).unwrap();
            let fd = f.as_raw_fd();
-            libc::syscall(libc::SYS_fdatasync, fd);
+            unsafe { libc::syscall(libc::SYS_fdatasync, fd) };
        }
        Ok(())
    }
@ -92,13 +94,13 @@ mod platform {
    /// This function is unsafe because it calls an unsafe function.
    unsafe fn flush_volume(name: &str) -> UResult<()> {
        let name_wide = name.to_wide_null();
-        if GetDriveTypeW(name_wide.as_ptr()) == DRIVE_FIXED {
+        if unsafe { GetDriveTypeW(name_wide.as_ptr()) } == DRIVE_FIXED {
            let sliced_name = &name[..name.len() - 1]; // eliminate trailing backslash
            match OpenOptions::new().write(true).open(sliced_name) {
                Ok(file) => {
-                    if FlushFileBuffers(file.as_raw_handle() as HANDLE) == 0 {
+                    if unsafe { FlushFileBuffers(file.as_raw_handle() as HANDLE) } == 0 {
                        Err(USimpleError::new(
-                            GetLastError() as i32,
+                            unsafe { GetLastError() } as i32,
                            "failed to flush file buffer",
                        ))
                    } else {
@ -119,10 +121,10 @@ mod platform {
    /// This function is unsafe because it calls an unsafe function.
    unsafe fn find_first_volume() -> UResult<(String, HANDLE)> {
        let mut name: [u16; MAX_PATH as usize] = [0; MAX_PATH as usize];
-        let handle = FindFirstVolumeW(name.as_mut_ptr(), name.len() as u32);
+        let handle = unsafe { FindFirstVolumeW(name.as_mut_ptr(), name.len() as u32) };
        if handle == INVALID_HANDLE_VALUE {
            return Err(USimpleError::new(
-                GetLastError() as i32,
+                unsafe { GetLastError() } as i32,
                "failed to find first volume",
            ));
        }
@ -132,14 +134,16 @@ mod platform {
    /// # Safety
    /// This function is unsafe because it calls an unsafe function.
    unsafe fn find_all_volumes() -> UResult<Vec<String>> {
-        let (first_volume, next_volume_handle) = find_first_volume()?;
+        let (first_volume, next_volume_handle) = unsafe { find_first_volume()? };
        let mut volumes = vec![first_volume];
        loop {
            let mut name: [u16; MAX_PATH as usize] = [0; MAX_PATH as usize];
-            if FindNextVolumeW(next_volume_handle, name.as_mut_ptr(), name.len() as u32) == 0 {
+            if unsafe { FindNextVolumeW(next_volume_handle, name.as_mut_ptr(), name.len() as u32) }
-                return match GetLastError() {
+                == 0
            {
                return match unsafe { GetLastError() } {
                    ERROR_NO_MORE_FILES => {
-                        FindVolumeClose(next_volume_handle);
+                        unsafe { FindVolumeClose(next_volume_handle) };
                        Ok(volumes)
                    }
                    err => Err(USimpleError::new(err as i32, "failed to find next volume")),
@ -153,9 +157,9 @@ mod platform {
    /// # Safety
    /// This function is unsafe because it calls `find_all_volumes` which is unsafe.
    pub unsafe fn do_sync() -> UResult<()> {
-        let volumes = find_all_volumes()?;
+        let volumes = unsafe { find_all_volumes()? };
        for vol in &volumes {
-            flush_volume(vol)?;
+            unsafe { flush_volume(vol)? };
        }
        Ok(())
    }
@ -164,15 +168,17 @@ mod platform {
    /// This function is unsafe because it calls `find_all_volumes` which is unsafe.
    pub unsafe fn do_syncfs(files: Vec<String>) -> UResult<()> {
        for path in files {
-            flush_volume(
+            unsafe {
-                Path::new(&path)
+                flush_volume(
-                    .components()
+                    Path::new(&path)
-                    .next()
+                        .components()
-                    .unwrap()
+                        .next()
-                    .as_os_str()
+                        .unwrap()
-                    .to_str()
+                        .as_os_str()
-                    .unwrap(),
+                        .to_str()
-            )?;
+                        .unwrap(),
                )?
            };
        }
        Ok(())
    }
--- a/src/uucore/src/lib/features/backup_control.rs
+++ b/src/uucore/src/lib/features/backup_control.rs
@ -593,33 +593,33 @@ mod tests {
    #[test]
    fn test_backup_mode_short_does_not_ignore_env() {
        let _dummy = TEST_MUTEX.lock().unwrap();
-        env::set_var(ENV_VERSION_CONTROL, "numbered");
+        unsafe { env::set_var(ENV_VERSION_CONTROL, "numbered") };
        let matches = make_app().get_matches_from(vec!["command", "-b"]);
        let result = determine_backup_mode(&matches).unwrap();
        assert_eq!(result, BackupMode::NumberedBackup);
-        env::remove_var(ENV_VERSION_CONTROL);
+        unsafe { env::remove_var(ENV_VERSION_CONTROL) };
    }
    // --backup can be passed without an argument, but reads env var if existent
    #[test]
    fn test_backup_mode_long_without_args_with_env() {
        let _dummy = TEST_MUTEX.lock().unwrap();
-        env::set_var(ENV_VERSION_CONTROL, "none");
+        unsafe { env::set_var(ENV_VERSION_CONTROL, "none") };
        let matches = make_app().get_matches_from(vec!["command", "--backup"]);
        let result = determine_backup_mode(&matches).unwrap();
        assert_eq!(result, BackupMode::NoBackup);
-        env::remove_var(ENV_VERSION_CONTROL);
+        unsafe { env::remove_var(ENV_VERSION_CONTROL) };
    }
    // --backup errors on invalid VERSION_CONTROL env var
    #[test]
    fn test_backup_mode_long_with_env_var_invalid() {
        let _dummy = TEST_MUTEX.lock().unwrap();
-        env::set_var(ENV_VERSION_CONTROL, "foobar");
+        unsafe { env::set_var(ENV_VERSION_CONTROL, "foobar") };
        let matches = make_app().get_matches_from(vec!["command", "--backup"]);
        let result = determine_backup_mode(&matches);
@ -627,14 +627,14 @@ mod tests {
        assert!(result.is_err());
        let text = format!("{}", result.unwrap_err());
        assert!(text.contains("invalid argument 'foobar' for '$VERSION_CONTROL'"));
-        env::remove_var(ENV_VERSION_CONTROL);
+        unsafe { env::remove_var(ENV_VERSION_CONTROL) };
    }
    // --backup errors on ambiguous VERSION_CONTROL env var
    #[test]
    fn test_backup_mode_long_with_env_var_ambiguous() {
        let _dummy = TEST_MUTEX.lock().unwrap();
-        env::set_var(ENV_VERSION_CONTROL, "n");
+        unsafe { env::set_var(ENV_VERSION_CONTROL, "n") };
        let matches = make_app().get_matches_from(vec!["command", "--backup"]);
        let result = determine_backup_mode(&matches);
@ -642,20 +642,20 @@ mod tests {
        assert!(result.is_err());
        let text = format!("{}", result.unwrap_err());
        assert!(text.contains("ambiguous argument 'n' for '$VERSION_CONTROL'"));
-        env::remove_var(ENV_VERSION_CONTROL);
+        unsafe { env::remove_var(ENV_VERSION_CONTROL) };
    }
    // --backup accepts shortened env vars (si for simple)
    #[test]
    fn test_backup_mode_long_with_env_var_shortened() {
        let _dummy = TEST_MUTEX.lock().unwrap();
-        env::set_var(ENV_VERSION_CONTROL, "si");
+        unsafe { env::set_var(ENV_VERSION_CONTROL, "si") };
        let matches = make_app().get_matches_from(vec!["command", "--backup"]);
        let result = determine_backup_mode(&matches).unwrap();
        assert_eq!(result, BackupMode::SimpleBackup);
-        env::remove_var(ENV_VERSION_CONTROL);
+        unsafe { env::remove_var(ENV_VERSION_CONTROL) };
    }
    #[test]
--- a/src/uucore/src/lib/features/fsext.rs
+++ b/src/uucore/src/lib/features/fsext.rs
@ -367,7 +367,7 @@ use libc::c_int;
    target_os = "netbsd",
    target_os = "openbsd"
 ))]
-extern "C" {
+unsafe extern "C" {
    #[cfg(all(target_vendor = "apple", target_arch = "x86_64"))]
    #[link_name = "getmntinfo$INODE64"]
    fn get_mount_info(mount_buffer_p: *mut *mut StatFs, flags: c_int) -> c_int;
--- a/src/uucore/src/lib/mods/posix.rs
+++ b/src/uucore/src/lib/mods/posix.rs
@ -45,11 +45,11 @@ mod tests {
        // default
        assert_eq!(posix_version(), None);
        // set specific version
-        env::set_var("_POSIX2_VERSION", OBSOLETE.to_string());
+        unsafe { env::set_var("_POSIX2_VERSION", OBSOLETE.to_string()) };
        assert_eq!(posix_version(), Some(OBSOLETE));
-        env::set_var("_POSIX2_VERSION", TRADITIONAL.to_string());
+        unsafe { env::set_var("_POSIX2_VERSION", TRADITIONAL.to_string()) };
        assert_eq!(posix_version(), Some(TRADITIONAL));
-        env::set_var("_POSIX2_VERSION", MODERN.to_string());
+        unsafe { env::set_var("_POSIX2_VERSION", MODERN.to_string()) };
        assert_eq!(posix_version(), Some(MODERN));
    }
 }