In both the x86 and riscv64 implementations the constructors are not marked as unsafe despite taking an arbitrary port address and later writing to it. A user of the crate could incredibly easily cause an illegal write by passing an invalid address.
x86
|
pub const fn new(io_base: u16, custom_exit_success: u32) -> Self { |
|
asm!( |
|
"out dx, eax", |
|
in("dx") io_base, |
|
in("eax") code, |
|
options(nomem, nostack) |
|
); |
riscv64
|
pub const fn new(addr: u64) -> Self { |
|
asm!( |
|
"sw {0}, 0({1})", |
|
in(reg)code_new, in(reg)self.addr |
|
); |
In both the x86 and riscv64 implementations the constructors are not marked as
unsafedespite taking an arbitrary port address and later writing to it. A user of the crate could incredibly easily cause an illegal write by passing an invalid address.x86
qemu-exit/src/x86.rs
Line 36 in d157a2a
qemu-exit/src/x86.rs
Lines 25 to 30 in d157a2a
riscv64
qemu-exit/src/riscv64.rs
Line 29 in d157a2a
qemu-exit/src/riscv64.rs
Lines 44 to 47 in d157a2a