|
193 | 193 | #[macro_use] |
194 | 194 | extern crate cfg_if; |
195 | 195 |
|
196 | | -use crate::util::{slice_as_uninit_mut, slice_assume_init_mut}; |
197 | | -use core::mem::MaybeUninit; |
| 196 | +use crate::util::slice_as_uninit_mut; |
198 | 197 |
|
199 | 198 | mod error; |
200 | 199 | mod util; |
@@ -303,40 +302,10 @@ cfg_if! { |
303 | 302 | /// [`rand::thread_rng`](https://docs.rs/rand/*/rand/fn.thread_rng.html). |
304 | 303 | #[inline] |
305 | 304 | pub fn getrandom(dest: &mut [u8]) -> Result<(), Error> { |
306 | | - // SAFETY: The `&mut MaybeUninit<_>` reference doesn't escape, and |
307 | | - // `getrandom_uninit` guarantees it will never de-initialize any part of |
308 | | - // `dest`. |
309 | | - getrandom_uninit(unsafe { slice_as_uninit_mut(dest) })?; |
310 | | - Ok(()) |
311 | | -} |
312 | | - |
313 | | -/// Version of the `getrandom` function which fills `dest` with random bytes |
314 | | -/// returns a mutable reference to those bytes. |
315 | | -/// |
316 | | -/// On successful completion this function is guaranteed to return a slice |
317 | | -/// which points to the same memory as `dest` and has the same length. |
318 | | -/// In other words, it's safe to assume that `dest` is initialized after |
319 | | -/// this function has returned `Ok`. |
320 | | -/// |
321 | | -/// No part of `dest` will ever be de-initialized at any point, regardless |
322 | | -/// of what is returned. |
323 | | -/// |
324 | | -/// # Examples |
325 | | -/// |
326 | | -/// ```ignore |
327 | | -/// # // We ignore this test since `uninit_array` is unstable. |
328 | | -/// #![feature(maybe_uninit_uninit_array)] |
329 | | -/// # fn main() -> Result<(), getrandom::Error> { |
330 | | -/// let mut buf = core::mem::MaybeUninit::uninit_array::<1024>(); |
331 | | -/// let buf: &mut [u8] = getrandom::getrandom_uninit(&mut buf)?; |
332 | | -/// # Ok(()) } |
333 | | -/// ``` |
334 | | -#[inline] |
335 | | -pub fn getrandom_uninit(dest: &mut [MaybeUninit<u8>]) -> Result<&mut [u8], Error> { |
336 | | - if !dest.is_empty() { |
337 | | - imp::getrandom_inner(dest)?; |
| 305 | + if dest.is_empty() { |
| 306 | + return Ok(()); |
338 | 307 | } |
339 | | - // SAFETY: `dest` has been fully initialized by `imp::getrandom_inner` |
340 | | - // since it returned `Ok`. |
341 | | - Ok(unsafe { slice_assume_init_mut(dest) }) |
| 308 | + // SAFETY: The &mut [MaybeUninit<u8>] reference doesn't escape, and |
| 309 | + // `getrandom_inner` will never de-initialize any part of `dest`. |
| 310 | + imp::getrandom_inner(unsafe { slice_as_uninit_mut(dest) }) |
342 | 311 | } |
0 commit comments