common: Move string manipulation functions to common.rs

We can have `ascii_strip` use entirely safe code by `unwrap()`ing the
result of `from_utf8` instead of using `from_utf8_unchecked`. We also
add a helper function to convert a C-string pointer into a byte slice.

Signed-off-by: Joe Richey <joerichey@google.com>

Author: josephlr

src/common.rs

@@ -33,6 +33,24 @@ macro_rules! container_of_mut {
     }};
 }
 
+// SAFETY: Requires that addr point to a static, null-terminated C-string.
+// The returned slice does not include the null-terminator.
+pub unsafe fn from_cstring(addr: u64) -> &'static [u8] {
+    if addr == 0 {
+        return &[];
+    }
+    let start = addr as *const u8;
+    let mut size: usize = 0;
+    while start.offset(size as _).read() != 0 {
+        size += 1;
+    }
+    core::slice::from_raw_parts(start, size)
+}
+
+pub fn ascii_strip(s: &[u8]) -> &str {
+    core::str::from_utf8(s).unwrap().trim_matches(char::from(0))
+}
+
 pub fn ucs2_as_ascii_length(input: *const u16) -> usize {
     let mut len = 0;
     loop {

src/loader.rs

@@ -14,6 +14,7 @@
 
 use crate::{
     bzimage,
+    common::ascii_strip,
     fat::{self, Read},
 };
 
@@ -104,10 +105,6 @@ fn parse_entry(f: &mut fat::File) -> Result<LoaderConfig, fat::Error> {
     Ok(loader_config)
 }
 
-fn ascii_strip(s: &[u8]) -> &str {
-    unsafe { core::str::from_utf8_unchecked(&s) }.trim_matches(char::from(0))
-}
-
 const ENTRY_DIRECTORY: &str = "/loader/entries/";
 
 fn default_entry_path(fs: &fat::Filesystem) -> Result<[u8; 260], fat::Error> {