Trait buf_redux::TrustRead

pub unsafe trait TrustRead: Read {
    fn is_trusted(&self) -> bool;
}

A trait which Buffer can use to determine whether or not it is safe to elide zeroing of its buffer.

Has a default implementation of is_trusted() which always returns false.

Use the nightly feature to enable specialization, which allows this trait to be implemented for specific trusted types from the stdlib and potentially elsewhere.

Motivation

As part of its intended operation, Buffer can pass a potentially uninitialized slice of its buffer to Read::read(). Untrusted readers could access sensitive information in this slice, from previous usage of that region of memory, which has not been overwritten yet. Thus, the uninitialized parts of the buffer need to be zeroed to prevent unintentional leakage of information.

However, for trusted readers which are known to only write to this slice and not read from it, such as various types in the stdlib which will pass the slice directly to a syscall, this zeroing is an unnecessary waste of cycles which the optimizer may or may not elide properly.

This trait helps Buffer determine whether or not a particular reader is trustworthy.
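The leak described above, as an added example that is not code from buf_redux: `ToyBuffer`, `Snoop` and `observed` are hypothetical names, the trait is a local mirror of the declaration on this page, and the stale bytes are constructed (initialized memory stands in for the uninitialized region).

```rust
use std::io::{self, Read};

// Local mirror of the trait on this page, so the example builds without the crate.
pub unsafe trait TrustRead: Read {
    fn is_trusted(&self) -> bool;
}

// Hypothetical reader that records what the slice held before writing to it.
struct Snoop { seen: Vec<u8> }

impl Read for Snoop {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        self.seen.extend_from_slice(buf); // reads the caller's slice
        let n = buf.len().min(2);
        buf[..n].fill(b'x');
        Ok(n)
    }
}

// Answering `false` is always sound: the caller zeroes the slice first.
unsafe impl TrustRead for Snoop {
    fn is_trusted(&self) -> bool { false }
}

// Simplified stand-in for Buffer: `mem` is reused storage, `len` bytes are valid.
struct ToyBuffer { mem: Vec<u8>, len: usize }

impl ToyBuffer {
    // Fill the unused tail from `r`; zero it first unless the reader is trusted.
    fn read_from<R: TrustRead>(&mut self, r: &mut R, zero_untrusted: bool) -> io::Result<usize> {
        let tail = &mut self.mem[self.len..];
        if zero_untrusted && !r.is_trusted() {
            tail.fill(0);
        }
        let n = r.read(tail)?;
        self.len += n;
        Ok(n)
    }
}

// Returns what the reader observed in the tail of a reused buffer.
fn observed(zero_untrusted: bool) -> Vec<u8> {
    let mut b = ToyBuffer { mem: b"hunter2!".to_vec(), len: 0 }; // constructed stale bytes
    let mut r = Snoop { seen: Vec::new() };
    b.read_from(&mut r, zero_untrusted).unwrap();
    r.seen
}

fn main() { println!("{:?} vs {:?}", observed(false), observed(true)); }
```

Without the zeroing step the reader sees the previous contents of the region; with it, the reader sees only zeros.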

Required Methods

Return true if this reader does not need a zeroed slice passed to .read().

Implementors