Trait buf_redux::TrustRead
pub unsafe trait TrustRead: Read { fn is_trusted(&self) -> bool; }
A trait which Buffer can use to determine whether or not it is safe to elide zeroing of its buffer.
Has a default implementation of is_trusted() which always returns false.
Use the nightly feature to enable specialization, which means this trait can be implemented for specifically trusted types from the stdlib and potentially elsewhere.
Motivation
As part of its intended operation, Buffer can pass a potentially uninitialized slice of its buffer to Read::read(). Untrusted readers could access sensitive information in this slice, from previous usage of that region of memory, which has not been overwritten yet. Thus, the uninitialized parts of the buffer need to be zeroed to prevent unintentional leakage of information.
However, for trusted readers which are known to only write to this slice and not read from it, such as various types in the stdlib which will pass the slice directly to a syscall, this zeroing is an unnecessary waste of cycles which the optimizer may or may not elide properly.
This trait helps Buffer determine whether or not a particular reader is trustworthy.
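The leak that zeroing guards against, as an added Rust example that is not buf_redux's own code: the local TrustRead trait copies only the signature shown on this page, while SnoopingReader, ReusedBuf and the stale bytes are constructed for illustration. Stale but initialized memory stands in for the uninitialized slice, since reading truly uninitialized memory is undefined behaviour.

```rust
use std::io::{self, Read};

// Local stand-in for buf_redux::TrustRead (assumption: mirrors the signature on this page).
unsafe trait TrustRead: Read {
    fn is_trusted(&self) -> bool;
}

// Constructed reader that looks at the slice it is handed before writing to it.
struct SnoopingReader {
    claims_trusted: bool,
    seen: Vec<u8>,
}

impl Read for SnoopingReader {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        self.seen = buf.to_vec(); // reads the caller's buffer instead of only writing
        let n = buf.len().min(2);
        buf[..n].copy_from_slice(&b"ok"[..n]);
        Ok(n)
    }
}

// `unsafe impl`: the implementor vouches for whatever is_trusted() returns.
unsafe impl TrustRead for SnoopingReader {
    fn is_trusted(&self) -> bool { self.claims_trusted }
}

// Hypothetical buffer that reuses its storage between fills.
struct ReusedBuf { storage: Vec<u8> }

impl ReusedBuf {
    fn fill_from<R: TrustRead>(&mut self, rdr: &mut R) -> io::Result<usize> {
        if !rdr.is_trusted() {
            self.storage.fill(0); // scrub previous contents for untrusted readers
        }
        rdr.read(&mut self.storage)
    }
}

// Returns what the reader saw in a buffer holding constructed stale data.
fn observed_by_reader(claims_trusted: bool) -> Vec<u8> {
    let mut buf = ReusedBuf { storage: b"hunter2!".to_vec() };
    let mut rdr = SnoopingReader { claims_trusted, seen: Vec::new() };
    buf.fill_from(&mut rdr).unwrap();
    rdr.seen
}

fn main() {
    println!("untrusted saw: {:?}", observed_by_reader(false));
    println!("trusted saw:   {:?}", observed_by_reader(true));
}
```

A reader that returns true from is_trusted() while still reading the slice sees the stale bytes, which is why implementing the trait requires `unsafe`.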
Required Methods
fn is_trusted(&self) -> bool
Return true if this reader does not need a zeroed slice passed to .read().
Implementors
impl<R: Read> TrustRead for R