From eeacb4403ca90b35443656a796ee53d29f3a25f1 Mon Sep 17 00:00:00 2001 From: Thom Chiovoloni Date: Mon, 30 May 2022 01:06:08 -0700 Subject: [PATCH] Reword safety comments in core/hash/sip.rs --- library/core/src/hash/sip.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/core/src/hash/sip.rs b/library/core/src/hash/sip.rs index c2ade8c7e54ed..97e32ca77db82 100644 --- a/library/core/src/hash/sip.rs +++ b/library/core/src/hash/sip.rs @@ -96,7 +96,8 @@ macro_rules! compress { /// `copy_nonoverlapping` to let the compiler generate the most efficient way /// to load it from a possibly unaligned address. /// -/// Unsafe because: unchecked indexing at i..i+size_of(int_ty) +/// Safety: this performs unchecked indexing of `$buf` at +/// `$i..$i+size_of::<$int_ty>()`, so that must be in-bounds. macro_rules! load_int_le { ($buf:expr, $i:expr, $int_ty:ident) => {{ debug_assert!($i + mem::size_of::<$int_ty>() <= $buf.len()); @@ -114,7 +115,8 @@ macro_rules! load_int_le { /// `copy_nonoverlapping` calls that occur (via `load_int_le!`) all have fixed /// sizes and avoid calling `memcpy`, which is good for speed. /// -/// Unsafe because: unchecked indexing at start..start+len +/// Safety: this performs unchecked indexing of `buf` at `start..start+len`, so +/// that must be in-bounds. #[inline] unsafe fn u8to64_le(buf: &[u8], start: usize, len: usize) -> u64 { debug_assert!(len < 8);