diff --git a/iceoryx2-ffi/cxx/src/unique_port_id.cpp b/iceoryx2-ffi/cxx/src/unique_port_id.cpp
index 25c3041a2..cb354703e 100644
--- a/iceoryx2-ffi/cxx/src/unique_port_id.cpp
+++ b/iceoryx2-ffi/cxx/src/unique_port_id.cpp
@@ -46,7 +46,7 @@ UniquePublisherId::UniquePublisherId(iox2_unique_publisher_id_h handle)
 auto UniquePublisherId::bytes() -> iox::optional& {
 if (!m_raw_id.has_value() && m_handle != nullptr) {
 RawIdType bytes { UNIQUE_PORT_ID_LENGTH, 0 };
- iox2_unique_publisher_id_value(m_handle, bytes.data());
+ iox2_unique_publisher_id_value(m_handle, bytes.data(), bytes.size());
 m_raw_id.emplace(std::move(bytes));
 }
 return m_raw_id;
@@ -93,7 +93,7 @@ UniqueSubscriberId::UniqueSubscriberId(iox2_unique_subscriber_id_h handle)
 auto UniqueSubscriberId::bytes() -> iox::optional& {
 if (!m_raw_id.has_value() && m_handle != nullptr) {
 RawIdType bytes { UNIQUE_PORT_ID_LENGTH, 0 };
- iox2_unique_subscriber_id_value(m_handle, bytes.data());
+ iox2_unique_subscriber_id_value(m_handle, bytes.data(), bytes.size());
 m_raw_id.emplace(std::move(bytes));
 }
 return m_raw_id;
@@ -139,7 +139,7 @@ UniqueNotifierId::UniqueNotifierId(iox2_unique_notifier_id_h handle)
 auto UniqueNotifierId::bytes() -> iox::optional& {
 if (!m_raw_id.has_value() && m_handle != nullptr) {
 RawIdType bytes { UNIQUE_PORT_ID_LENGTH, 0 };
- iox2_unique_notifier_id_value(m_handle, bytes.data());
+ iox2_unique_notifier_id_value(m_handle, bytes.data(), bytes.size());
 m_raw_id.emplace(std::move(bytes));
 }
 return m_raw_id;
@@ -185,7 +185,7 @@ UniqueListenerId::UniqueListenerId(iox2_unique_listener_id_h handle)
 auto UniqueListenerId::bytes() -> iox::optional& {
 if (!m_raw_id.has_value() && m_handle != nullptr) {
 RawIdType bytes { UNIQUE_PORT_ID_LENGTH, 0 };
- iox2_unique_listener_id_value(m_handle, bytes.data());
+ iox2_unique_listener_id_value(m_handle, bytes.data(), bytes.size());
 m_raw_id.emplace(std::move(bytes));
 }
 return m_raw_id;
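Review bot: In all four `bytes()` hunks the C++ side now passes `bytes.size()`, but it still gets nothing back: the `iox2_unique_*_id_value` calls return void, and on the Rust side the new length is only checked with `debug_assert!`, so a release build gives this caller no protection if `UNIQUE_PORT_ID_LENGTH` ever disagrees with the width the Rust code writes. As far as the hunk shows, `m_raw_id.emplace(std::move(bytes))` also runs unconditionally, so a zero-filled `RawIdType` would be cached as a valid id if the FFI function wrote nothing. If the FFI functions are given a `bool`/status return as part of this length change, `bytes()` should emplace only on success, e.g. `if (iox2_unique_publisher_id_value(m_handle, bytes.data(), bytes.size())) { m_raw_id.emplace(std::move(bytes)); }`; otherwise a comment stating that `UNIQUE_PORT_ID_LENGTH` must equal the byte width of the Rust-side id value would at least record the coupling.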
diff --git a/iceoryx2-ffi/ffi/src/api/unique_listener_id.rs b/iceoryx2-ffi/ffi/src/api/unique_listener_id.rs index 89530262c..d0873d06d 100644 --- a/iceoryx2-ffi/ffi/src/api/unique_listener_id.rs +++ b/iceoryx2-ffi/ffi/src/api/unique_listener_id.rs @@ -86,11 +86,26 @@ impl HandleToType for iox2_unique_listener_id_h_ref { // BEGIN C API +/// Retrieves the value of a unique listener ID. +/// +/// # Arguments +/// +/// * `handle` - A valid [`iox2_unique_listener_id_h`] +/// * `id_ptr` - Pointer to a buffer where the ID value will be written +/// * `id_length` - The length of the buffer pointed to by `id_ptr` +/// +/// # Safety +/// +/// * `handle` must be a valid, non-null pointer +/// * `id_ptr` must be a valid, non-null pointer to a buffer of at least `id_length` bytes +/// * `id_length` must be large enough to hold the ID value #[no_mangle] unsafe extern "C" fn iox2_unique_listener_id_value( handle: iox2_unique_listener_id_h, id_ptr: *mut u8, + id_length: usize, ) { + debug_assert!(!id_ptr.is_null()); handle.assert_non_null(); let h = &mut *handle.as_type(); @@ -98,8 +113,10 @@ unsafe extern "C" fn iox2_unique_listener_id_value( if let Some(Some(id)) = (h.value.internal.as_ptr() as *const Option).as_ref() { let bytes = id.value().to_ne_bytes(); + debug_assert!(bytes.len() <= id_length, "id_length is too small"); + unsafe { - std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len()); + std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, id_length); } } } diff --git a/iceoryx2-ffi/ffi/src/api/unique_notifier_id.rs b/iceoryx2-ffi/ffi/src/api/unique_notifier_id.rs index 22e0950e0..f208643f3 100644 --- a/iceoryx2-ffi/ffi/src/api/unique_notifier_id.rs +++ b/iceoryx2-ffi/ffi/src/api/unique_notifier_id.rs 
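Review bot: The second hunk of `iox2_unique_listener_id_value` copies `id_length` bytes out of `bytes`, but `bytes` (from `to_ne_bytes()`) is only `bytes.len()` long, so a caller passing a buffer larger than the id — which the new `# Safety` text explicitly allows — makes `copy_nonoverlapping` read past the end of the local array and returns leftover stack bytes to C. `id_length` should bound the destination, not the source: keep the size check and copy the id's own length, `std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len());`. Note also that `debug_assert!` (both the null check in the first hunk and the length check here) is compiled out in release builds, so for an `extern "C"` entry point an undersized buffer is silently truncated rather than rejected; `assert!(bytes.len() <= id_length, "id_length is too small");` or a status return would enforce the documented contract. The function's signature is in the first hunk; its `if let` body is shown here in full.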
@@ -86,11 +86,26 @@ impl HandleToType for iox2_unique_notifier_id_h_ref { // BEGIN C API +/// Retrieves the value of a unique notifier ID. +/// +/// # Arguments +/// +/// * `handle` - A valid [`iox2_unique_notifier_id_h`] +/// * `id_ptr` - Pointer to a buffer where the ID value will be written +/// * `id_length` - The length of the buffer pointed to by `id_ptr` +/// +/// # Safety +/// +/// * `handle` must be a valid, non-null pointer +/// * `id_ptr` must be a valid, non-null pointer to a buffer of at least `id_length` bytes +/// * `id_length` must be large enough to hold the ID value #[no_mangle] unsafe extern "C" fn iox2_unique_notifier_id_value( handle: iox2_unique_notifier_id_h, id_ptr: *mut u8, + id_length: usize, ) { + debug_assert!(!id_ptr.is_null()); handle.assert_non_null(); let h = &mut *handle.as_type(); @@ -98,8 +113,10 @@ unsafe extern "C" fn iox2_unique_notifier_id_value( if let Some(Some(id)) = (h.value.internal.as_ptr() as *const Option).as_ref() { let bytes = id.value().to_ne_bytes(); + debug_assert!(bytes.len() <= id_length, "id_length is too small"); + unsafe { - std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len()); + std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, id_length); } } } diff --git a/iceoryx2-ffi/ffi/src/api/unique_publisher_id.rs b/iceoryx2-ffi/ffi/src/api/unique_publisher_id.rs index 3c1804d95..5b5acb231 100644 --- a/iceoryx2-ffi/ffi/src/api/unique_publisher_id.rs +++ b/iceoryx2-ffi/ffi/src/api/unique_publisher_id.rs 
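Review bot: In the second hunk of `iox2_unique_notifier_id_value` the copy count was changed from `bytes.len()` to `id_length`, but `bytes` is the fixed-size array from `to_ne_bytes()`; whenever `id_length` exceeds it (which the `debug_assert!(bytes.len() <= id_length, ...)` just above permits) the read runs off the end of the local array and uninitialised stack memory is written into the caller's buffer. The source length must stay `bytes.len()` and `id_length` only validates the destination: `std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len());`. Because `debug_assert!` disappears in release builds, the documented requirement that `id_length` be "large enough to hold the ID value" is not actually enforced at this C boundary; prefer `assert!` or a boolean/status return so an undersized buffer is reported instead of silently receiving a truncated id. The function's opening is in the first hunk above.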
@@ -86,11 +86,26 @@ impl HandleToType for iox2_unique_publisher_id_h_ref { // BEGIN C API +/// Retrieves the value of a unique publisher ID. +/// +/// # Arguments +/// +/// * `handle` - A valid [`iox2_unique_publisher_id_h`] +/// * `id_ptr` - Pointer to a buffer where the ID value will be written +/// * `id_length` - The length of the buffer pointed to by `id_ptr` +/// +/// # Safety +/// +/// * `handle` must be a valid, non-null pointer +/// * `id_ptr` must be a valid, non-null pointer to a buffer of at least `id_length` bytes +/// * `id_length` must be large enough to hold the ID value #[no_mangle] unsafe extern "C" fn iox2_unique_publisher_id_value( handle: iox2_unique_publisher_id_h, id_ptr: *mut u8, + id_length: usize, ) { + debug_assert!(!id_ptr.is_null()); handle.assert_non_null(); let h = &mut *handle.as_type(); @@ -98,8 +113,10 @@ unsafe extern "C" fn iox2_unique_publisher_id_value( if let Some(Some(id)) = (h.value.internal.as_ptr() as *const Option).as_ref() { let bytes = id.value().to_ne_bytes(); + debug_assert!(bytes.len() <= id_length, "id_length is too small"); + unsafe { - std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len()); + std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, id_length); } } } diff --git a/iceoryx2-ffi/ffi/src/api/unique_subscriber_id.rs b/iceoryx2-ffi/ffi/src/api/unique_subscriber_id.rs index 64487e76c..c6c1fa7b5 100644 --- a/iceoryx2-ffi/ffi/src/api/unique_subscriber_id.rs +++ b/iceoryx2-ffi/ffi/src/api/unique_subscriber_id.rs 
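Review bot: The `copy_nonoverlapping` in the second hunk of `iox2_unique_publisher_id_value` now uses `id_length` as the count while the source `bytes` is only `bytes.len()` bytes long; with the new check only ruling out `id_length < bytes.len()`, any larger buffer — exactly what the `# Safety` section invites callers to pass — produces an out-of-bounds read of the local array and leaks stack contents to C. Restore the source-bounded copy, `std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len());`, and let `id_length` serve only as the destination capacity check. Since `debug_assert!` is stripped in release builds, the length and null checks added in this file provide no protection for production callers of an `extern "C"` function; `assert!(bytes.len() <= id_length, "id_length is too small");` or returning a success flag would make the contract real. The function begins in the first hunk and is closed by the final `}` of this one.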
@@ -86,11 +86,26 @@ impl HandleToType for iox2_unique_subscriber_id_h_ref { // BEGIN C API +/// Retrieves the value of a unique subscriber ID. +/// +/// # Arguments +/// +/// * `handle` - A valid [`iox2_unique_subscriber_id_h`] +/// * `id_ptr` - Pointer to a buffer where the ID value will be written +/// * `id_length` - The length of the buffer pointed to by `id_ptr` +/// +/// # Safety +/// +/// * `handle` must be a valid, non-null pointer +/// * `id_ptr` must be a valid, non-null pointer to a buffer of at least `id_length` bytes +/// * `id_length` must be large enough to hold the ID value #[no_mangle] unsafe extern "C" fn iox2_unique_subscriber_id_value( handle: iox2_unique_subscriber_id_h, id_ptr: *mut u8, + id_length: usize, ) { + debug_assert!(!id_ptr.is_null()); handle.assert_non_null(); let h = &mut *handle.as_type(); @@ -99,8 +114,10 @@ unsafe extern "C" fn iox2_unique_subscriber_id_value( (h.value.internal.as_ptr() as *const Option).as_ref() { let bytes = id.value().to_ne_bytes(); + debug_assert!(bytes.len() <= id_length, "id_length is too small"); + unsafe { - std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len()); + std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, id_length); } } }
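Review bot: In the second hunk of `iox2_unique_subscriber_id_value`, copying `id_length` bytes from `bytes` is an over-read whenever the caller's buffer is larger than the id: `bytes` comes from `to_ne_bytes()` and has a fixed length, the preceding `debug_assert!(bytes.len() <= id_length, ...)` allows `id_length` to be larger, and `copy_nonoverlapping` will then read past the array and copy whatever follows it on the stack into the caller's buffer. The count should remain `bytes.len()` — `std::ptr::copy_nonoverlapping(bytes.as_ptr(), id_ptr, bytes.len());` — with `id_length` used purely to reject a too-small destination. As `debug_assert!` is compiled out in release, an undersized buffer from C is currently silently truncated rather than rejected; `assert!` or a status return would enforce the "large enough to hold the ID value" requirement the docs now state. The `if let Some(Some(id)) =` that encloses this copy begins on the line before the hunk, and the function's signature is in the first hunk.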