File tree 2 files changed +13
-3
lines changed
2 files changed +13
-3
lines changed Original file line number Diff line number Diff line change @@ -352,9 +352,13 @@ impl CString {
352352/// # Safety
353353///
354354/// This should only ever be called with a pointer that was earlier
355- /// obtained by calling [`CString::into_raw`]. Other usage (e.g., trying to take
356- /// ownership of a string that was allocated by foreign code) is likely to lead
357- /// to undefined behavior or allocator corruption.
355+ /// obtained by calling [`CString::into_raw`] and this pointer must not be accessed
356+ /// through any other pointer during the lifetime of reconstructed `CString`.
357+ /// Other usage (e.g., trying to take ownership of a string that was allocated by foreign code)
358+ /// is likely to lead to undefined behavior or allocator corruption.
359+ ///
360+ /// This function does not validate ownership of the raw pointer's memory.
361+ /// A double-free may occur if the function is called twice on the same raw pointer.
358362///
359363/// It should be noted that the length isn't just "recomputed," but that
360364/// the recomputed length must match the original length from the
Original file line number Diff line number Diff line change @@ -604,6 +604,12 @@ impl str {
604604/// Converts a boxed slice of bytes to a boxed string slice without checking
605605/// that the string contains valid UTF-8.
606606///
607+ /// # Safety
608+ ///
609+ /// * The provided bytes must contain a valid UTF-8 sequence.
610+ ///
611+ /// * The `Box<[u8]>` must have been allocated via the global allocator.
612+ ///
607613/// # Examples
608614///
609615/// ```
You can’t perform that action at this time.
0 commit comments