pub trait VecExtensions<T: Copy + Sized>: Zeroize {
// Required methods
fn with_value(value: &[T]) -> Vec<T>;
fn set_capacity_to(&mut self, capacity: usize);
fn set_capacity_to_secure(&mut self, capacity: usize);
fn set_contents_from_slice(&mut self, other: &[T]);
fn set_contents_from_slice_secure(&mut self, other: &[T]);
fn shrink_to_fit_secure(&mut self);
fn reserve_secure(&mut self, additional: usize);
fn extend_from_slice_secure(&mut self, other: &[T]);
}Expand description
This trait adds some extension methods to std::vec::Vec for primitive
types like integers, floating points and booleans.
Most of those extensions are designed to be either fast implementations of existing methods or secure versions of them.
§Safety
Some operations performed by this extension relies heavily on pointer
operations and bitwise copies (see std::ptr for further details).
Because of that, it is not safe to implement this trait for non primitive
types because it may lead to memory safety violations and potential double
free situations.
§Secure variants
This extension also include secure variants of some of the vector methods. Those variants always zeroes the memory segments before releasing them back to the memory pool.
Logically, they do perform the same operations but they are way more expensive than their regular versions. We recommend the use of those versions if and only if you need to avoid potential confidential data leak to the system.
It is possible that, when the allocator_api
#32838 become fully
integrated into the standard API, those methods will no longer be
necessary as the proper memory cleanup will be done by an
std::alloc::Allocator instead of the hacks used by those methods.
Required Methods§
Sourcefn with_value(value: &[T]) -> Vec<T>
fn with_value(value: &[T]) -> Vec<T>
Creates a new vector already initialized with the specified value.
Since it is the first allocation, there is no need to have a secure version of this constructor.
Arguments:
value: The initial value of the new Vec instance, the elements of this slice are copied into the new vector;
Sourcefn set_capacity_to(&mut self, capacity: usize)
fn set_capacity_to(&mut self, capacity: usize)
This method sets the capacity of the given VecVec<u8>::reserve() but it
takes the target capacity insted of an additional capacity.
If the current capacity is equal or larger than the required capacity, this method does nothing.
Arguments:
capacity: The new capacity;
Sourcefn set_capacity_to_secure(&mut self, capacity: usize)
fn set_capacity_to_secure(&mut self, capacity: usize)
This method is the secure variant of Self::set_capacity_to().
Arguments:
capacity: The new capacity;
Sourcefn set_contents_from_slice(&mut self, other: &[T])
fn set_contents_from_slice(&mut self, other: &[T])
Replaces the contents of this vector with the contents of a given slice. It will expand the size of this vector as needed but will never shrink it.
Arguments:
other: The new capacity;
Sourcefn set_contents_from_slice_secure(&mut self, other: &[T])
fn set_contents_from_slice_secure(&mut self, other: &[T])
This method is the secure variant of Self::set_contents_from_slice().
Arguments:
other: The new capacity;
Sourcefn shrink_to_fit_secure(&mut self)
fn shrink_to_fit_secure(&mut self)
This method is the secure version of std::vec::Vec::shrink_to_fit().
Sourcefn reserve_secure(&mut self, additional: usize)
fn reserve_secure(&mut self, additional: usize)
This method is the secure version of std::vec::Vec::reserve().
Sourcefn extend_from_slice_secure(&mut self, other: &[T])
fn extend_from_slice_secure(&mut self, other: &[T])
This method is the secure version of std::vec::Vec::extend_from_slice().
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.