Added changes for rust-lang/rust#95295.

Author: RustEnthusiast

include/nstd/alloc.h

@@ -13,7 +13,9 @@ typedef enum {
     /// Getting a handle to a heap failed.
     NSTD_ALLOC_ERROR_HEAP_NOT_FOUND,
     /// A heap is invalid.
-    NSTD_ALLOC_ERROR_INVALID_HEAP
+    NSTD_ALLOC_ERROR_INVALID_HEAP,
+    /// An allocation function received input parameters that resulted in an invalid memory layout.
+    NSTD_ALLOC_ERROR_INVALID_LAYOUT
 } NSTDAllocError;
 
 /// Allocates a block of memory on the heap.
@@ -84,11 +86,15 @@ NSTDAPI NSTDAllocError nstd_alloc_reallocate(NSTDAnyMut *ptr, NSTDUInt size, NST
 ///
 /// - `NSTDUInt size` - The number of bytes to free.
 ///
+/// # Returns
+///
+/// `NSTDAllocError errc` - The allocation operation error code.
+///
 /// # Safety
 ///
 /// - Behavior is undefined if `ptr` is not a value returned by `nstd_alloc_allocate[_zeroed]`.
 ///
 /// - `size` must be the same value that was used to allocate the memory buffer.
-NSTDAPI void nstd_alloc_deallocate(NSTDAnyMut *ptr, NSTDUInt size);
+NSTDAPI NSTDAllocError nstd_alloc_deallocate(NSTDAnyMut *ptr, NSTDUInt size);
 
 #endif

include/nstd/cstring.h

@@ -237,7 +237,7 @@ NSTDAPI NSTDChar nstd_cstring_pop(NSTDCString *cstring);
 ///
 /// # Panics
 ///
-/// This operation may panic if getting a handle to the heap fails.
+/// Panics if deallocating fails.
 NSTDAPI void nstd_cstring_free(NSTDCString cstring);
 
 #endif

include/nstd/heap_ptr.h

@@ -99,6 +99,10 @@ NSTDAPI NSTDAnyMut nstd_heap_ptr_get_mut(NSTDHeapPtr *hptr);
 /// # Parameters:
 ///
 /// - `NSTDHeapPtr hptr` - A pointer to the heap object.
+///
+/// # Panics
+///
+/// Panics if freeing the heap memory fails.
 NSTDAPI void nstd_heap_ptr_free(NSTDHeapPtr hptr);
 
 #endif

include/nstd/shared_ptr.h

@@ -97,6 +97,11 @@ NSTDAPI NSTDAny nstd_shared_ptr_get(const NSTDSharedPtr *shared_ptr);
 /// # Parameters:
 ///
 /// - `NSTDSharedPtr shared_ptr` - The shared object to free.
+///
+/// # Panics
+///
+/// Panics if there are no more shared pointers referencing the shared data and freeing the heap
+/// memory fails.
 NSTDAPI void nstd_shared_ptr_free(NSTDSharedPtr shared_ptr);
 
 #endif

include/nstd/string.h

@@ -404,7 +404,7 @@ NSTDAPI NSTDString nstd_string_from_u64(NSTDUInt64 v);
 ///
 /// # Panics
 ///
-/// This operation may panic if getting a handle to the heap fails.
+/// Panics if deallocating fails.
 NSTDAPI void nstd_string_free(NSTDString string);
 
 #endif

include/nstd/vec.h

@@ -375,6 +375,10 @@ NSTDAPI NSTDAllocError nstd_vec_shrink(NSTDVec *vec);
 /// # Parameters:
 ///
 /// - `NSTDVec vec` - The vector to free.
+///
+/// # Panics
+///
+/// Panics if deallocating fails.
 NSTDAPI void nstd_vec_free(NSTDVec vec);
 
 #endif

src/alloc.rs

@@ -29,6 +29,8 @@ pub enum NSTDAllocError {
     NSTD_ALLOC_ERROR_HEAP_NOT_FOUND,
     /// A heap is invalid.
     NSTD_ALLOC_ERROR_INVALID_HEAP,
+    /// An allocation function received input parameters that resulted in an invalid memory layout.
+    NSTD_ALLOC_ERROR_INVALID_LAYOUT,
 }
 impl NSTDAllocError {
     /// Converts an [NSTDWindowsAllocError] into an [NSTDAllocError].
@@ -77,7 +79,12 @@ impl NSTDAllocError {
 pub unsafe extern "C" fn nstd_alloc_allocate(size: NSTDUInt) -> NSTDAnyMut {
     #[cfg(not(any(target_family = "unix", target_os = "windows")))]
     {
+        use crate::NSTD_NULL;
         use alloc::alloc::Layout;
+        // Make sure `size` is valid for `layout`.
+        if size > isize::MAX as usize {
+            return NSTD_NULL;
+        }
         let layout = Layout::from_size_align_unchecked(size, 1);
         alloc::alloc::alloc(layout).cast()
     }
@@ -125,7 +132,12 @@ pub unsafe extern "C" fn nstd_alloc_allocate(size: NSTDUInt) -> NSTDAnyMut {
 pub unsafe extern "C" fn nstd_alloc_allocate_zeroed(size: NSTDUInt) -> NSTDAnyMut {
     #[cfg(not(any(target_family = "unix", target_os = "windows")))]
     {
+        use crate::NSTD_NULL;
         use alloc::alloc::Layout;
+        // Make sure `size` is valid for `layout`.
+        if size > isize::MAX as usize {
+            return NSTD_NULL;
+        }
         let layout = Layout::from_size_align_unchecked(size, 1);
         alloc::alloc::alloc_zeroed(layout).cast()
     }
@@ -186,7 +198,7 @@ pub unsafe extern "C" fn nstd_alloc_allocate_zeroed(size: NSTDUInt) -> NSTDAnyMu
 ///     nstd_alloc_deallocate(&mut mem, SIZE);
 /// }
 /// ```
-#[inline]
+#[cfg_attr(any(target_family = "unix", target_os = "windows"), inline)]
 #[cfg_attr(feature = "clib", no_mangle)]
 #[cfg_attr(
     any(target_family = "unix", target_os = "windows"),
@@ -200,6 +212,10 @@ pub unsafe extern "C" fn nstd_alloc_reallocate(
     #[cfg(not(any(target_family = "unix", target_os = "windows")))]
     {
         use alloc::alloc::Layout;
+        // Make sure `size` is valid for `layout`.
+        if size > isize::MAX as usize {
+            return NSTDAllocError::NSTD_ALLOC_ERROR_INVALID_LAYOUT;
+        }
         let layout = Layout::from_size_align_unchecked(size, 1);
         let new_mem = alloc::alloc::realloc((*ptr).cast(), layout, new_size);
         if !new_mem.is_null() {
@@ -229,6 +245,10 @@ pub unsafe extern "C" fn nstd_alloc_reallocate(
 ///
 /// - `NSTDUInt size` - The number of bytes to free.
 ///
+/// # Returns
+///
+/// `NSTDAllocError errc` - The allocation operation error code.
+///
 /// # Safety
 ///
 /// - Behavior is undefined if `ptr` is not a value returned by `nstd_alloc_allocate[_zeroed]`.
@@ -246,27 +266,36 @@ pub unsafe extern "C" fn nstd_alloc_reallocate(
 ///     nstd_alloc_deallocate(&mut mem, 24);
 /// }
 /// ```
-#[inline]
+#[cfg_attr(any(target_family = "unix", target_os = "windows"), inline)]
 #[cfg_attr(feature = "clib", no_mangle)]
 #[cfg_attr(
     any(target_family = "unix", target_os = "windows"),
     allow(unused_variables)
 )]
-pub unsafe extern "C" fn nstd_alloc_deallocate(ptr: &mut NSTDAnyMut, size: NSTDUInt) {
+pub unsafe extern "C" fn nstd_alloc_deallocate(
+    ptr: &mut NSTDAnyMut,
+    size: NSTDUInt,
+) -> NSTDAllocError {
     #[cfg(not(any(target_family = "unix", target_os = "windows")))]
     {
         use crate::NSTD_NULL;
         use alloc::alloc::Layout;
+        // Make sure `size` is valid for `layout`.
+        if size > isize::MAX as usize {
+            return NSTDAllocError::NSTD_ALLOC_ERROR_INVALID_LAYOUT;
+        }
         let layout = Layout::from_size_align_unchecked(size, 1);
         alloc::alloc::dealloc((*ptr).cast(), layout);
         *ptr = NSTD_NULL;
+        NSTDAllocError::NSTD_ALLOC_ERROR_NONE
     }
     #[cfg(target_family = "unix")]
     {
         nstd_os_unix_alloc_deallocate(ptr);
+        NSTDAllocError::NSTD_ALLOC_ERROR_NONE
     }
     #[cfg(target_os = "windows")]
     {
-        nstd_os_windows_alloc_deallocate(ptr);
+        NSTDAllocError::from_windows(nstd_os_windows_alloc_deallocate(ptr))
     }
 }

src/cstring.rs

@@ -436,7 +436,7 @@ pub extern "C" fn nstd_cstring_pop(cstring: &mut NSTDCString) -> NSTDChar {
 ///
 /// # Panics
 ///
-/// This operation may panic if getting a handle to the heap fails.
+/// Panics if deallocating fails.
 #[inline]
 #[cfg_attr(feature = "clib", no_mangle)]
 #[allow(unused_variables)]

src/heap_ptr.rs

@@ -1,6 +1,9 @@
 //! A pointer type for single value heap allocation.
 use crate::{
-    alloc::{nstd_alloc_allocate, nstd_alloc_allocate_zeroed, nstd_alloc_deallocate},
+    alloc::{
+        nstd_alloc_allocate, nstd_alloc_allocate_zeroed, nstd_alloc_deallocate,
+        NSTDAllocError::NSTD_ALLOC_ERROR_NONE,
+    },
     core::mem::nstd_core_mem_copy,
     NSTDAny, NSTDAnyMut, NSTDUInt,
 };
@@ -16,10 +19,16 @@ pub struct NSTDHeapPtr {
 }
 impl Drop for NSTDHeapPtr {
     /// [NSTDHeapPtr]'s destructor.
+    ///
+    /// # Panics
+    ///
+    /// Panics if deallocating fails.
     #[inline]
     fn drop(&mut self) {
         // SAFETY: Heap pointers are always non-null.
-        unsafe { nstd_alloc_deallocate(&mut self.ptr, self.size) };
+        unsafe {
+            assert!(nstd_alloc_deallocate(&mut self.ptr, self.size) == NSTD_ALLOC_ERROR_NONE);
+        }
     }
 }
 
@@ -223,6 +232,10 @@ pub extern "C" fn nstd_heap_ptr_get_mut(hptr: &mut NSTDHeapPtr) -> NSTDAnyMut {
 /// # Parameters:
 ///
 /// - `NSTDHeapPtr hptr` - A pointer to the heap object.
+///
+/// # Panics
+///
+/// Panics if freeing the heap memory fails.
 #[inline]
 #[cfg_attr(feature = "clib", no_mangle)]
 #[allow(unused_variables)]

src/shared_ptr.rs

@@ -1,6 +1,9 @@
 //! A reference counting smart pointer.
 use crate::{
-    alloc::{nstd_alloc_allocate, nstd_alloc_allocate_zeroed, nstd_alloc_deallocate},
+    alloc::{
+        nstd_alloc_allocate, nstd_alloc_allocate_zeroed, nstd_alloc_deallocate,
+        NSTDAllocError::NSTD_ALLOC_ERROR_NONE,
+    },
     core::mem::nstd_core_mem_copy,
     NSTDAny, NSTDAnyMut, NSTDUInt,
 };
@@ -38,6 +41,10 @@ impl NSTDSharedPtr {
 }
 impl Drop for NSTDSharedPtr {
     /// [NSTDSharedPtr]'s destructor.
+    ///
+    /// # Panics
+    ///
+    /// Panics if deallocating fails.
     fn drop(&mut self) {
         // SAFETY: Shared pointers are always non-null.
         unsafe {
@@ -46,7 +53,7 @@ impl Drop for NSTDSharedPtr {
             *ptrs -= 1;
             // If the pointer count is zero, free the data.
             if *ptrs == 0 {
-                nstd_alloc_deallocate(&mut self.ptr, self.size);
+                assert!(nstd_alloc_deallocate(&mut self.ptr, self.size) == NSTD_ALLOC_ERROR_NONE);
             }
         }
     }
@@ -304,6 +311,11 @@ pub extern "C" fn nstd_shared_ptr_get(shared_ptr: &NSTDSharedPtr) -> NSTDAny {
 /// # Parameters:
 ///
 /// - `NSTDSharedPtr shared_ptr` - The shared object to free.
+///
+/// # Panics
+///
+/// Panics if there are no more shared pointers referencing the shared data and freeing the heap
+/// memory fails.
 #[cfg_attr(feature = "clib", no_mangle)]
 #[allow(unused_variables)]
 pub extern "C" fn nstd_shared_ptr_free(shared_ptr: NSTDSharedPtr) {}

src/string.rs

@@ -591,7 +591,7 @@ gen_from_primitive!(
 ///
 /// # Panics
 ///
-/// This operation may panic if getting a handle to the heap fails.
+/// Panics if deallocating fails.
 #[inline]
 #[cfg_attr(feature = "clib", no_mangle)]
 #[allow(unused_variables)]