Make sure to handle null pointers correctly when calling slice::from_raw_parts

twistedfall · twistedfall · commit 1833c00b5943 · 2024-05-03T16:57:20.000+02:00
diff --git a/src/manual/core/mat.rs b/src/manual/core/mat.rs
@@ -473,24 +473,30 @@ pub trait MatTraitConstManual: MatTraitConst {
 	unsafe fn at_row_unchecked<T: DataType>(&self, row: i32) -> Result<&[T]> {
 		// safe because Mat::size() can't be negative
 		let width = self.size()?.width as usize;
-		self.ptr(row).map(|x| slice::from_raw_parts(convert_ptr(x), width))
+		self.ptr(row).map(|row| {
+			if row.is_null() {
+				&[]
+			} else {
+				slice::from_raw_parts(convert_ptr(row), width)
+			}
+		})
 	}
 
 	#[inline]
 	fn is_allocated(&self) -> bool {
 		!self.data().is_null()
 	}
 
-	/// Returns underlying data array as byte slice, Mat must be continuous.
+	/// Returns underlying data array as byte slice, `Mat` must be continuous
 	#[inline]
 	fn data_bytes(&self) -> Result<&[u8]> {
 		match_is_continuous(self).and_then(|_| {
 			let data = self.data();
-			if data.is_null() {
-				Err(Error::new(core::StsNullPtr, "Function returned null pointer"))
+			Ok(if data.is_null() {
+				&[]
 			} else {
-				Ok(unsafe { slice::from_raw_parts(data, self.total() * self.elem_size()?) })
-			}
+				unsafe { slice::from_raw_parts(data, self.total() * self.elem_size()?) }
+			})
 		})
 	}
 
@@ -502,15 +508,15 @@ pub trait MatTraitConstManual: MatTraitConst {
 	}
 
 	/// # Safety
-	/// Caller must ensure that the `T` type argument corresponds to the data stored in the `Mat`
+	/// Caller must ensure that the `T` type argument corresponds to the data stored in the `Mat` and `Mat` is continuous
 	#[inline]
 	unsafe fn data_typed_unchecked<T: DataType>(&self) -> Result<&[T]> {
 		let data = self.data();
-		if data.is_null() {
-			Err(Error::new(core::StsNullPtr, "Function returned null pointer"))
+		Ok(if data.is_null() {
+			&[]
 		} else {
-			Ok(slice::from_raw_parts(data.cast::<T>(), self.total()))
-		}
+			slice::from_raw_parts(data.cast::<T>(), self.total())
+		})
 	}
 
 	fn to_vec_2d<T: DataType>(&self) -> Result<Vec<Vec<T>>> {
@@ -624,16 +630,26 @@ pub trait MatTraitManual: MatTraitConstManual + MatTrait {
 	unsafe fn at_row_unchecked_mut<T: DataType>(&mut self, row: i32) -> Result<&mut [T]> {
 		// safe because Mat::size() can't be negative
 		let width = self.size()?.width as usize;
-		self
-			.ptr_mut(row)
-			.map(|x| slice::from_raw_parts_mut(convert_ptr_mut(x), width))
+		self.ptr_mut(row).map(|x| {
+			if x.is_null() {
+				&mut []
+			} else {
+				slice::from_raw_parts_mut(convert_ptr_mut(x), width)
+			}
+		})
 	}
 
 	/// Returns underlying data array as mutable byte slice, Mat must be continuous.
 	#[inline]
 	fn data_bytes_mut(&mut self) -> Result<&mut [u8]> {
-		match_is_continuous(self)
-			.and_then(|_| Ok(unsafe { slice::from_raw_parts_mut(self.data_mut(), self.total() * self.elem_size()?) }))
+		match_is_continuous(self).and_then(|_| {
+			let data = self.data_mut();
+			Ok(if data.is_null() {
+				&mut []
+			} else {
+				unsafe { slice::from_raw_parts_mut(self.data_mut(), self.total() * self.elem_size()?) }
+			})
+		})
 	}
 
 	#[inline]
@@ -643,11 +659,16 @@ pub trait MatTraitManual: MatTraitConstManual + MatTrait {
 	}
 
 	/// # Safety
-	/// Caller must ensure that the `T` type argument corresponds to the data stored in the `Mat`
+	/// Caller must ensure that the `T` type argument corresponds to the data stored in the `Mat` and `Mat` is continuous
 	#[inline]
 	unsafe fn data_typed_unchecked_mut<T: DataType>(&mut self) -> Result<&mut [T]> {
 		let total = self.total();
-		Ok(slice::from_raw_parts_mut(self.data_mut().cast::<T>(), total))
+		let data = self.data_mut();
+		Ok(if data.is_null() {
+			&mut []
+		} else {
+			slice::from_raw_parts_mut(data.cast::<T>(), total)
+		})
 	}
 
 	/// Returns a mutable iterator over `Mat` elements and their positions
@@ -707,9 +728,14 @@ impl Deref for MatSize {
 
 	#[inline]
 	fn deref(&self) -> &Self::Target {
-		// safe because `Mat::dims()` returns value >= 2
-		let dims = self.dims() as usize;
-		unsafe { slice::from_raw_parts(self.p(), dims) }
+		let p = self.p();
+		if p.is_null() {
+			&[]
+		} else {
+			// safe because `Mat::dims()` returns value >= 2
+			let dims = self.dims() as usize;
+			unsafe { slice::from_raw_parts(p, dims) }
+		}
 	}
 }
 
diff --git a/src/manual/core/vector.rs b/src/manual/core/vector.rs
@@ -199,7 +199,12 @@ where
 	where
 		Self: VectorExternCopyNonBool<T>,
 	{
-		unsafe { slice::from_raw_parts(self.extern_data(), self.len()) }
+		let data = unsafe { self.extern_data() };
+		if data.is_null() {
+			&[]
+		} else {
+			unsafe { slice::from_raw_parts(data, self.len()) }
+		}
 	}
 
 	/// Return mutable slice to the elements of the array.
@@ -211,7 +216,12 @@ where
 	where
 		Self: VectorExternCopyNonBool<T>,
 	{
-		unsafe { slice::from_raw_parts_mut(self.extern_data_mut(), self.len()) }
+		let data = unsafe { self.extern_data_mut() };
+		if data.is_null() {
+			&mut []
+		} else {
+			unsafe { slice::from_raw_parts_mut(data, self.len()) }
+		}
 	}
 }
 
diff --git a/src/templ.rs b/src/templ.rs
@@ -119,7 +119,12 @@ unsafe extern "C" fn ocvrs_create_string(s: *const c_char) -> *mut String {
 /// The return type of this function goes into `receive_byte_string`
 #[no_mangle]
 unsafe extern "C" fn ocvrs_create_byte_string(v: *const u8, len: size_t) -> *mut Vec<u8> {
-	let v = slice::from_raw_parts(v, len).to_vec();
+	let byte_slice = if v.is_null() {
+		&[]
+	} else {
+		slice::from_raw_parts(v, len)
+	};
+	let v = byte_slice.to_vec();
 	Box::into_raw(Box::new(v))
 }
 
diff --git a/tests/slice_from_null.rs b/tests/slice_from_null.rs
@@ -0,0 +1,42 @@
+use opencv::core::{Mat, MatSize, Vector};
+use opencv::prelude::*;
+use opencv::Result;
+use std::ptr;
+
+/// test that null pointers are handled and not passed to slice::from_raw_parts
+#[test]
+fn from_nullptr_slice() -> Result<()> {
+	{
+		let mut vec = Vector::<i32>::new();
+		let s = vec.as_slice();
+		assert!(s.is_empty());
+
+		let s = vec.as_mut_slice();
+		assert!(s.is_empty());
+	}
+
+	{
+		let mut m = Mat::default();
+		assert_eq!(ptr::null(), m.data());
+
+		let r = unsafe { m.at_row_unchecked::<u8>(0)? };
+		assert!(r.is_empty());
+
+		let r = unsafe { m.at_row_unchecked_mut::<u8>(0)? };
+		assert!(r.is_empty());
+
+		let d = unsafe { m.data_typed_unchecked::<u8>()? };
+		assert!(d.is_empty());
+
+		let d = unsafe { m.data_typed_unchecked_mut::<u8>()? };
+		assert!(d.is_empty());
+	}
+
+	{
+		let s = unsafe { MatSize::new(ptr::null_mut()) };
+		let s = &*s;
+		assert!(s.is_empty());
+	}
+
+	Ok(())
+}

Original file line number	Diff line number	Diff line change
`@@ -199,7 +199,12 @@ where`
`199`	`199`	`where`
`200`	`200`	`Self: VectorExternCopyNonBool<T>,`
`201`	`201`	`{`
`202`		`- unsafe { slice::from_raw_parts(self.extern_data(), self.len()) }`
	`202`	`+ let data = unsafe { self.extern_data() };`
	`203`	`+ if data.is_null() {`
	`204`	`+ &[]`
	`205`	`+ } else {`
	`206`	`+ unsafe { slice::from_raw_parts(data, self.len()) }`
	`207`	`+ }`
`203`	`208`	`}`
`204`	`209`
`205`	`210`	`/// Return mutable slice to the elements of the array.`
`@@ -211,7 +216,12 @@ where`
`211`	`216`	`where`
`212`	`217`	`Self: VectorExternCopyNonBool<T>,`
`213`	`218`	`{`
`214`		`- unsafe { slice::from_raw_parts_mut(self.extern_data_mut(), self.len()) }`
	`219`	`+ let data = unsafe { self.extern_data_mut() };`
	`220`	`+ if data.is_null() {`
	`221`	`+ &mut []`
	`222`	`+ } else {`
	`223`	`+ unsafe { slice::from_raw_parts_mut(data, self.len()) }`
	`224`	`+ }`
`215`	`225`	`}`
`216`	`226`	`}`
`217`	`227`