From 73011c0b2bcd21639446728fc50de4131a51e5ca Mon Sep 17 00:00:00 2001
From: "Dustin J. Mitchell" <djmitche@google.com>
Date: Thu, 14 Nov 2024 22:16:25 +0000
Subject: [PATCH] Add a safety comment to unsafe block

---
 src/read.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/read.rs b/src/read.rs
index a3aa5d164..1ee5e6286 100644
--- a/src/read.rs
+++ b/src/read.rs
@@ -977,6 +977,10 @@ fn push_wtf8_codepoint(n: u32, scratch: &mut Vec<u8>) {
 
     scratch.reserve(4);
 
+    // SAFETY: After the `reserve` call, `scratch` has at least 4 bytes of allocated but
+    // unintialized memory after its last initialized byte, which is where `ptr` points. All
+    // reachable match arms write `encoded_len` bytes to that region and update the length
+    // accordingly, and `encoded_len` is always <= 4.
     unsafe {
         let ptr = scratch.as_mut_ptr().add(scratch.len());