diff options
author | Jesse Luehrs <doy@tozt.net> | 2022-01-05 00:36:02 -0500 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2022-01-05 00:36:02 -0500 |
commit | 21399914b08addbcab41acac1824d5ee53c099fe (patch) | |
tree | fa7eed78fb276d1f0df1cb9300d5c2e95447972f /src/pipeline/mod.rs | |
parent | d3139886c7d2b5cc79463d32f0b525baa4c27f3c (diff) | |
download | nbsh-21399914b08addbcab41acac1824d5ee53c099fe.tar.gz nbsh-21399914b08addbcab41acac1824d5ee53c099fe.zip |
some safety comments
Diffstat (limited to 'src/pipeline/mod.rs')
-rw-r--r-- | src/pipeline/mod.rs | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/pipeline/mod.rs b/src/pipeline/mod.rs index ba69f52..62e246f 100644 --- a/src/pipeline/mod.rs +++ b/src/pipeline/mod.rs @@ -16,6 +16,7 @@ mod command; pub use command::{Child, Command}; pub async fn run() -> anyhow::Result<i32> { + // Safety: we don't create File instances for fd 3 or 4 anywhere else let shell_read = unsafe { async_std::fs::File::from_raw_fd(3) }; let shell_write = unsafe { async_std::fs::File::from_raw_fd(4) }; @@ -234,9 +235,9 @@ async fn wait_children( fn pipe() -> anyhow::Result<(std::fs::File, std::fs::File)> { let (r, w) = nix::unistd::pipe2(nix::fcntl::OFlag::O_CLOEXEC)?; - // Safety: these file descriptors were just returned by pipe2 above, which - // means they must be valid otherwise that call would have returned an - // error + // Safety: these file descriptors were just returned by pipe2 above, and + // are only available in this function, so nothing else can be accessing + // them Ok((unsafe { std::fs::File::from_raw_fd(r) }, unsafe { std::fs::File::from_raw_fd(w) })) |