Make dump_interfaces non-unsafe and improve safety comments

Copilot · CBenoit · Copilot · commit 4bf3cca62612 · 2025-11-10T20:18:16.000Z
The dump_interfaces function doesn't impose any safety requirements on
callers - all unsafe operations are properly contained in inner unsafe blocks.
Updated safety comments to be more descriptive about what operations are
being performed rather than just stating "unsafe by contract"

Co-authored-by: CBenoit &lt;3809077+CBenoit@users.noreply.github.com&gt;
diff --git a/crates/devolutions-pedm-hook/src/appinfo.rs b/crates/devolutions-pedm-hook/src/appinfo.rs
@@ -142,23 +142,23 @@ pub unsafe fn ai_disable_desktop_rpc_interface() {
     unsafe { FUN.get_or_init(init)() }
 }
 
-pub unsafe fn dump_interfaces() -> Result<Box<[RpcServerInterfacePointer]>> {
+pub fn dump_interfaces() -> Result<Box<[RpcServerInterfacePointer]>> {
     // TODO: This is not clean. Add another mutex to guard the actual handles
     {
         let mut handles = INTERFACE_HANDLES.lock();
         handles.clear();
     }
 
-    // SAFETY: Function is unsafe by contract.
+    // SAFETY: Calling Windows API function to disable RPC interface.
     unsafe { ai_disable_desktop_rpc_interface() };
     // SAFETY: Enabling the hook to intercept RPC calls.
     if let Err(err) = unsafe { rpc_server_register_if_ex_hook().enable() } {
-        // SAFETY: Function is unsafe by contract.
+        // SAFETY: Calling Windows API function to enable RPC interface.
         let _ = unsafe { ai_enable_desktop_rpc_interface() };
         bail!(err);
     }
 
-    // SAFETY: Function is unsafe by contract.
+    // SAFETY: Calling Windows API function to enable RPC interface.
     let _ = unsafe { ai_enable_desktop_rpc_interface() };
     // SAFETY: Disabling the hook after capturing interface information.
     if let Err(err) = unsafe { rpc_server_register_if_ex_hook().disable() } {
diff --git a/crates/devolutions-pedm-hook/src/lib.rs b/crates/devolutions-pedm-hook/src/lib.rs
@@ -36,7 +36,7 @@ mod lib_win {
             bail!("appinfo.dll not loaded");
         }
 
-        let mut interfaces = unsafe { dump_interfaces() }?;
+        let mut interfaces = dump_interfaces()?;
 
         let mut origs = original_handlers().lock();
         for interface in interfaces.iter_mut() {
@@ -67,7 +67,7 @@ mod lib_win {
             bail!("appinfo.dll not loaded");
         }
 
-        let mut interfaces = unsafe { dump_interfaces() }?;
+        let mut interfaces = dump_interfaces()?;
 
         let mut origs = original_handlers().lock();
         for interface in interfaces.iter_mut() {

Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ mod lib_win {`
`36`	`36`	`bail!("appinfo.dll not loaded");`
`37`	`37`	`}`
`38`	`38`
`39`		`- let mut interfaces = unsafe { dump_interfaces() }?;`
	`39`	`+ let mut interfaces = dump_interfaces()?;`
`40`	`40`
`41`	`41`	`let mut origs = original_handlers().lock();`
`42`	`42`	`for interface in interfaces.iter_mut() {`
`@@ -67,7 +67,7 @@ mod lib_win {`
`67`	`67`	`bail!("appinfo.dll not loaded");`
`68`	`68`	`}`
`69`	`69`
`70`		`- let mut interfaces = unsafe { dump_interfaces() }?;`
	`70`	`+ let mut interfaces = dump_interfaces()?;`
`71`	`71`
`72`	`72`	`let mut origs = original_handlers().lock();`
`73`	`73`	`for interface in interfaces.iter_mut() {`