rustc_typeck::check::compare_method::compare_const_impl doesn't drain its fulfillment context nor invoke regionck. #41323
Comments
triage: P-medium |
@eddyb does this block stabilization of associated consts? |
@withoutboats Yes, as it allows const types in impls that don't match the trait definition. |
This can be exploited to elongate lifetimes:

```rust
#![feature(associated_consts)]
trait Evil<'a, T: 'static> {
    const EVIL: fn(&'a T) -> &'static T;
}
impl<'a, T: 'static> Evil<'a, T> for () {
    const EVIL: fn(&'a T) -> &'a T = identity;
}
fn identity<T: 'static>(s: &T) -> &T { s }
fn evil() -> &'static Box<i32> {
    let b = Box::new(0);
    <()>::EVIL(&b)
}
fn main() {
    println!("{}", **evil())
}
```
I'm renominating, given the exploit that @withoutboats found. |
This is a fairly straight-forward fix, so I'm going to write up some mentoring instructions. Maybe somebody wants to jump in on it!

In general, the code in

I actually suspect that the code for methods and constants could be combined into one function (as this comment suggests), but we can leave that for bonus points.

Let's walk through what the code does now. Imagine we have something like
This is where things go wrong. First off, I suspect it'd be better to just require that the types are equal, rather than subtypes. That can be done by changing from
Basically, we've enqueued up a bunch of further checks that we ought to do, but nowhere are we doing them. We ought to be adding two things (here I am giving links into the method code):
In both cases, we should be able to essentially cut-and-paste the existing code. |
Tagging as E-mentor. |
…l, r=nikomatsakis associated_consts: check trait obligations and regionck for associated consts Closes rust-lang#41323 r? @nikomatsakis
UPDATE: Mentoring instructions for fixing this bug can be found here.
There are some calls to add obligations to a fulfillment context but it's never checked.
Some examples of code that shouldn't compile:
cc @rust-lang/compiler
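
A simplified model of the failure mode this issue describes, added here as an illustration and not taken from rustc: relating the trait's and the impl's const types only queues obligations, so a checker that never drains the queue accepts any mismatch. `Region`, `FnPtrTy`, `RegionEq`, `FulfillmentCx` and both `compare_const_*` functions are hypothetical names, and region equality stands in for both trait selection and regionck.

```rust
// Toy model, not rustc code: a lifetime is 'static or a named generic parameter.
#[derive(Clone, Copy, Debug, PartialEq)]
enum Region { Static, Param(&'static str) }

// Type of an associated const shaped like `fn(&'arg T) -> &'ret T`.
#[derive(Clone, Copy, Debug)]
struct FnPtrTy { arg: Region, ret: Region }

// A deferred check: "these two regions must be equal".
#[derive(Debug, PartialEq)]
struct RegionEq(Region, Region);

#[derive(Default)]
struct FulfillmentCx { pending: Vec<RegionEq> }

impl FulfillmentCx {
    fn register(&mut self, o: RegionEq) { self.pending.push(o); }
    // Drain the queue; in this model a generic lifetime equals only itself.
    fn select_all(&mut self) -> Vec<RegionEq> {
        self.pending.drain(..).filter(|RegionEq(a, b)| a != b).collect()
    }
}

// Relating the two types never fails on its own; it only queues obligations.
fn equate(cx: &mut FulfillmentCx, trait_ty: FnPtrTy, impl_ty: FnPtrTy) {
    cx.register(RegionEq(trait_ty.arg, impl_ty.arg));
    cx.register(RegionEq(trait_ty.ret, impl_ty.ret));
}

// Shape of the bug: obligations are queued, then dropped unchecked.
fn compare_const_unchecked(trait_ty: FnPtrTy, impl_ty: FnPtrTy) -> Result<(), Vec<RegionEq>> {
    let mut cx = FulfillmentCx::default();
    equate(&mut cx, trait_ty, impl_ty);
    Ok(())
}

// Shape of the fix: drain the context and reject any unproven obligation.
fn compare_const_checked(trait_ty: FnPtrTy, impl_ty: FnPtrTy) -> Result<(), Vec<RegionEq>> {
    let mut cx = FulfillmentCx::default();
    equate(&mut cx, trait_ty, impl_ty);
    let errors = cx.select_all();
    if errors.is_empty() { Ok(()) } else { Err(errors) }
}

fn main() {
    // The trait and impl declarations of EVIL from the example on this page.
    let trait_ty = FnPtrTy { arg: Region::Param("a"), ret: Region::Static };
    let impl_ty = FnPtrTy { arg: Region::Param("a"), ret: Region::Param("a") };
    println!("{:?}", compare_const_unchecked(trait_ty, impl_ty));
    println!("{:?}", compare_const_checked(trait_ty, impl_ty));
}
```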