Crate bulletproof [] [src]

Bulletproof memory access.

You don't know whether a memory location is valid? Don't worry, Here comes the bulletproof memory access!


use bulletproof::Bulletproof;
use std::ptr;

let mut x = 42usize;
let y = 42u8;

unsafe {
    let bulletproof = Bulletproof::new();

    assert_eq!(bulletproof.load_usize(&x), Ok(42));
    assert_eq!(bulletproof.load_usize(ptr::null()), Err(()));

    assert_eq!(bulletproof.store_usize(&mut x, 37), Ok(()));
    assert_eq!(bulletproof.store_usize(ptr::null_mut(), 37), Err(()));
    assert_eq!(bulletproof.load_usize(&x), Ok(37));
    assert_eq!(ptr::read(&x), 37);

    assert_eq!(bulletproof.load(&y), Ok(42));
    assert_eq!(bulletproof.load::<[usize; 32]>(ptr::null()), Err(()));


Internally, Bulletproof::new() installs a signal handler for segmentation fault (SIGSEGV), which recovers from the fault using siglongjmp().


Even if a location is deallocated, it may still be accessible because it is not returned to the OS yet.

Since Bulletproof::new() registers a SIGSEGV signal handler, it may disrupt the existing or future signal handlers. Most notably, Rust installs a SIGSEGV signal handler for protecting stack from overflow at initialization. By creating a Bulletproof, stack is no longer protected.


You PROBABLY should not use this library: instead of relying on bulletproof access, remove your segmentation faults! However, if you want to build low-level systems such as virtual machine or garbage collectors, bulletproof load can be a versatile tool for an additional bit of efficiency. For example, see the ThreadCrashProtection class in Java HotSpot virtual machine.



Bulletproof loader.