arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-23 13:51:00 +00:00
Code Issues Releases Wiki Activity

feat(core/rust): improve behavior of from_c_str / from_c_array

Browse Source
This commit is contained in:
matejcik 2023-03-28 13:18:19 +02:00
parent 7e96b96d00
commit e10b6ecc26
2 changed files with 13 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
core/embed/rust/src/ui/screens.rs
View File

@ -7,25 +7,15 @@ pub use super::model_tr::screens::*;
pub use super::model_tt::screens::*; pub use super::model_tt::screens::*;
use crate::ui::util::from_c_str; use crate::ui::util::from_c_str;
macro_rules! convert_str {
($str:expr) => {
if ($str).is_null() {
""
} else {
unwrap!(unsafe { from_c_str($str) })
}
};
}
#[no_mangle] #[no_mangle]
extern "C" fn screen_fatal_error_rust( extern "C" fn screen_fatal_error_rust(
title: *const cty::c_char, title: *const cty::c_char,
msg: *const cty::c_char, msg: *const cty::c_char,
footer: *const cty::c_char, footer: *const cty::c_char,
) { ) {
let title = convert_str!(title); let title = unsafe { from_c_str(title) }.unwrap_or("");
let msg = convert_str!(msg); let msg = unsafe { from_c_str(msg) }.unwrap_or("");
let footer = convert_str!(footer); let footer = unsafe { from_c_str(footer) }.unwrap_or("");
screen_fatal_error(title, msg, footer); screen_fatal_error(title, msg, footer);
} }

16
core/embed/rust/src/ui/util.rs
View File

@ -45,11 +45,13 @@ pub fn u32_to_str(num: u32, buffer: &mut [u8]) -> Option<&str> {
/// # Safety /// # Safety
/// ///
/// The caller is responsible that the pointer is valid, which means that: /// The caller is responsible that the pointer is valid, which means that:
/// (a) it is not null, /// (a) it points to a memory containing a valid C string (zero-terminated
/// (b) it points to a memory containing a valid C string (zero-terminated
/// sequence of characters), and /// sequence of characters), and
/// (c) that the pointer has appropriate lifetime. /// (b) that the pointer has appropriate lifetime.
pub unsafe fn from_c_str<'a>(c_str: *const cty::c_char) -> Option<&'a str> { pub unsafe fn from_c_str<'a>(c_str: *const cty::c_char) -> Option<&'a str> {
if c_str.is_null() {
return None;
}
unsafe { unsafe {
let bytes = CStr::from_ptr(c_str).to_bytes(); let bytes = CStr::from_ptr(c_str).to_bytes();
if bytes.is_ascii() { if bytes.is_ascii() {
@ -65,11 +67,13 @@ pub unsafe fn from_c_str<'a>(c_str: *const cty::c_char) -> Option<&'a str> {
/// # Safety /// # Safety
/// ///
/// The caller is responsible that the pointer is valid, which means that: /// The caller is responsible that the pointer is valid, which means that:
/// (a) it is not null, /// (a) it points to a memory containing array of characters, with length `len`,
/// (b) it points to a memory containing array of characters, with length `len`,
/// and /// and
/// (c) that the pointer has appropriate lifetime. /// (b) that the pointer has appropriate lifetime.
pub unsafe fn from_c_array<'a>(c_str: *const cty::c_char, len: usize) -> Option<&'a str> { pub unsafe fn from_c_array<'a>(c_str: *const cty::c_char, len: usize) -> Option<&'a str> {
if c_str.is_null() {
return None;
}
unsafe { unsafe {
let slice = core::slice::from_raw_parts(c_str as *const u8, len); let slice = core::slice::from_raw_parts(c_str as *const u8, len);
if slice.is_ascii() { if slice.is_ascii() {