ReadBytesExt: document the danger of reading after an error #209
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
std::io::Read::read_exact documentation says that if an error occurs, the state of the reader is unspecified: it may have consumed some number of bytes (between zero and the size of the buffer). This makes it unwise to continue reading after an error, since it's not possible to know where the read begins. A caller may be surprised by this issue, for example by calling read_u16() until it fails, then calling read_u8() to collect a remainder byte. This is not guaranteed to work. This was specifically observed to behave one way on rust 1.79.0, and then a different way in rust 1.80.0 when using std::io::Cursor as the reader. Closes BurntSushi#208 (Documents the problem, which is the best we can do.)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
std::io::Read::read_exactdocumentation says that if an error occurs, the state of the reader is unspecified: it may have consumed some number of bytes (between zero and the size of the buffer).This makes it unwise to continue reading after an error, since it's not possible to know where the read begins.
A caller may be surprised by this issue, for example by calling
read_u16()until it fails, then callingread_u8()to collect a remainder byte. This is not guaranteed to work.This was specifically observed to behave one way on rust 1.79.0, and then a different way in rust 1.80.0 when using
std::io::Cursoras the reader. See #208 for an example of code that broke in 1.80.Closes #208 (Documents the problem, which is the best we can do.)