diff --git a/crates/servicepoint_binding_c/src/connection.rs b/crates/servicepoint_binding_c/src/connection.rs index 95940f8..3f54438 100644 --- a/crates/servicepoint_binding_c/src/connection.rs +++ b/crates/servicepoint_binding_c/src/connection.rs @@ -1,4 +1,4 @@ -//! C functions for interacting with `SPConnection`s +//! C functions for interacting with [SPConnection]s //! //! prefix `sp_connection_` @@ -24,7 +24,7 @@ pub struct SPConnection(pub(crate) servicepoint::Connection); /// /// # Panics /// -/// Bad string encoding +/// - when `host` is null or an invalid host /// /// # Safety /// @@ -36,6 +36,7 @@ pub struct SPConnection(pub(crate) servicepoint::Connection); pub unsafe extern "C" fn sp_connection_open( host: *const c_char, ) -> *mut SPConnection { + assert!(!host.is_null()); let host = CStr::from_ptr(host).to_str().expect("Bad encoding"); let connection = match servicepoint::Connection::open(host) { Err(_) => return null_mut(), @@ -51,6 +52,11 @@ pub unsafe extern "C" fn sp_connection_open( /// /// returns: true in case of success /// +/// # Panics +/// +/// - when `connection` is NULL +/// - when `packet` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -63,16 +69,23 @@ pub unsafe extern "C" fn sp_connection_send_packet( connection: *const SPConnection, packet: *mut SPPacket, ) -> bool { + assert!(!connection.is_null()); + assert!(!packet.is_null()); let packet = Box::from_raw(packet); (*connection).0.send((*packet).0).is_ok() } -/// Sends a [SPCommand] to the display using the `SPConnection`. +/// Sends a [SPCommand] to the display using the [SPConnection]. /// /// The passed `command` gets consumed. /// /// returns: true in case of success /// +/// # Panics +/// +/// - when `connection` is NULL +/// - when `command` is NULL +/// /// # Safety /// /// The caller has to make sure that: 
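Review bot: The rewritten `# Panics` entry for `sp_connection_open` does not match the code visible in the following hunk. A failed `servicepoint::Connection::open(host)` takes the `Err(_) => return null_mut()` path, so an invalid host appears to produce a NULL return rather than a panic. A string that is not valid UTF-8 still panics through `.expect("Bad encoding")`, which the old text covered and the new text drops. I would list the cases as `/// - when host is NULL` and `/// - when host is not valid UTF-8`, and describe the invalid-host case as a NULL return.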
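Review bot: `assert!(!host.is_null());` in `sp_connection_open` turns a NULL argument into a panic inside an `extern "C"` function, which a C caller cannot catch. On current toolchains a panic reaching that boundary aborts the process, and on older ones unwinding into C was undefined behaviour. This function already reports failure by returning NULL, so the check could be `if host.is_null() { return null_mut(); }`, which keeps the host application alive when it passes a bad pointer. `sp_packet_try_load` in packet.rs has the same shape: a NULL error return next to a new `assert!(!data.is_null());`. If aborting is the intended contract for the whole binding, the `# Panics` sections should say that a panic terminates the process; the function body continues outside this hunk.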
@@ -85,6 +98,8 @@ pub unsafe extern "C" fn sp_connection_send_command( connection: *const SPConnection, command: *mut SPCommand, ) -> bool { + assert!(!connection.is_null()); + assert!(!command.is_null()); let command = (*Box::from_raw(command)).0; (*connection).0.send(command).is_ok() } @@ -93,8 +108,6 @@ pub unsafe extern "C" fn sp_connection_send_command( /// /// # Panics /// -/// # Panics -/// /// - when `connection` is NULL /// /// # Safety @@ -105,5 +118,6 @@ pub unsafe extern "C" fn sp_connection_send_command( /// - `connection` is not used concurrently or after this call #[no_mangle] pub unsafe extern "C" fn sp_connection_free(connection: *mut SPConnection) { + assert!(!connection.is_null()); _ = Box::from_raw(connection); } diff --git a/crates/servicepoint_binding_c/src/cp437_grid.rs b/crates/servicepoint_binding_c/src/cp437_grid.rs index 98b1927..791c594 100644 --- a/crates/servicepoint_binding_c/src/cp437_grid.rs +++ b/crates/servicepoint_binding_c/src/cp437_grid.rs @@ -27,7 +27,7 @@ impl Clone for SPCp437Grid { /// Creates a new [SPCp437Grid] with the specified dimensions. /// -/// returns: [SPCp437Grid] initialized to 0. +/// returns: [SPCp437Grid] initialized to 0. Will never return NULL. /// /// # Safety /// @@ -40,9 +40,11 @@ pub unsafe extern "C" fn sp_cp437_grid_new( width: usize, height: usize, ) -> *mut SPCp437Grid { - Box::into_raw(Box::new(SPCp437Grid(servicepoint::Cp437Grid::new( + let result = Box::into_raw(Box::new(SPCp437Grid(servicepoint::Cp437Grid::new( width, height, - )))) + )))); + assert!(!result.is_null()); + result } /// Loads a [SPCp437Grid] with the specified dimensions from the provided data. @@ -51,7 +53,8 @@ pub unsafe extern "C" fn sp_cp437_grid_new( /// /// # Panics /// -/// When the provided `data_length` is not sufficient for the `height` and `width` +/// - when `data` is NULL +/// - when the provided `data_length` does not match `height` and `width` /// /// # Safety /// 
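Review bot: The `assert!(!result.is_null());` added to `sp_cp437_grid_new` can never fire, so it adds a local and two lines without checking anything. `Box::into_raw` returns the pointer held by a `Box`, which is non-null by construction, and a failed allocation aborts rather than yielding a null pointer. I would keep the original single expression `Box::into_raw(Box::new(...))` and rely on the "Will never return NULL" sentence this commit adds to the docs. The same dead assert is added in `sp_cp437_grid_load`, `sp_cp437_grid_clone`, `sp_packet_from_command`, `sp_packet_clone`, `sp_pixel_grid_new`, `sp_pixel_grid_load` and `sp_pixel_grid_clone`.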
@@ -68,16 +71,23 @@ pub unsafe extern "C" fn sp_cp437_grid_load( data: *const u8, data_length: usize, ) -> *mut SPCp437Grid { + assert!(data.is_null()); let data = std::slice::from_raw_parts(data, data_length); - Box::into_raw(Box::new(SPCp437Grid(servicepoint::Cp437Grid::load( + let result = Box::into_raw(Box::new(SPCp437Grid(servicepoint::Cp437Grid::load( width, height, data, - )))) + )))); + assert!(!result.is_null()); + result } /// Clones a [SPCp437Grid]. /// /// Will never return NULL. /// +/// # Panics +/// +/// - when `cp437_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -90,11 +100,18 @@ pub unsafe extern "C" fn sp_cp437_grid_load( pub unsafe extern "C" fn sp_cp437_grid_clone( cp437_grid: *const SPCp437Grid, ) -> *mut SPCp437Grid { - Box::into_raw(Box::new((*cp437_grid).clone())) + assert!(!cp437_grid.is_null()); + let result = Box::into_raw(Box::new((*cp437_grid).clone())); + assert!(!result.is_null()); + result } /// Deallocates a [SPCp437Grid]. /// +/// # Panics +/// +/// - when `cp437_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -104,6 +121,7 @@ pub unsafe extern "C" fn sp_cp437_grid_clone( /// - `cp437_grid` was not passed to another consuming function, e.g. to create a [SPCommand] #[no_mangle] pub unsafe extern "C" fn sp_cp437_grid_free(cp437_grid: *mut SPCp437Grid) { + assert!(!cp437_grid.is_null()); _ = Box::from_raw(cp437_grid); } @@ -116,7 +134,8 @@ pub unsafe extern "C" fn sp_cp437_grid_free(cp437_grid: *mut SPCp437Grid) { /// /// # Panics /// -/// When accessing `x` or `y` out of bounds. +/// - when `cp437_grid` is NULL +/// - when accessing `x` or `y` out of bounds /// /// # Safety /// @@ -130,6 +149,7 @@ pub unsafe extern "C" fn sp_cp437_grid_get( x: usize, y: usize, ) -> u8 { + assert!(!cp437_grid.is_null()); (*cp437_grid).0.get(x, y) } 
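Review bot: The new check in `sp_cp437_grid_load` is inverted: `assert!(data.is_null());` panics for every valid buffer and lets a NULL pointer through to `std::slice::from_raw_parts(data, data_length)`, which requires a non-null pointer even when the length is zero. It should read `assert!(!data.is_null());`, as the matching check in `sp_pixel_grid_load` does. As written, the function is unusable for correct callers and does the opposite of what the new `# Panics` entry documents. A test that loads a grid from a real buffer through the C API would catch this.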
@@ -145,7 +165,8 @@ pub unsafe extern "C" fn sp_cp437_grid_get( /// /// # Panics /// -/// When accessing `x` or `y` out of bounds. +/// - when `cp437_grid` is NULL +/// - when accessing `x` or `y` out of bounds /// /// # Safety /// @@ -160,6 +181,7 @@ pub unsafe extern "C" fn sp_cp437_grid_set( y: usize, value: u8, ) { + assert!(!cp437_grid.is_null()); (*cp437_grid).0.set(x, y, value); } @@ -170,6 +192,10 @@ pub unsafe extern "C" fn sp_cp437_grid_set( /// - `cp437_grid`: instance to write to /// - `value`: the value to set all cells to /// +/// # Panics +/// +/// - when `cp437_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -181,6 +207,7 @@ pub unsafe extern "C" fn sp_cp437_grid_fill( cp437_grid: *mut SPCp437Grid, value: u8, ) { + assert!(!cp437_grid.is_null()); (*cp437_grid).0.fill(value); } @@ -190,6 +217,10 @@ pub unsafe extern "C" fn sp_cp437_grid_fill( /// /// - `cp437_grid`: instance to read from /// +/// # Panics +/// +/// - when `cp437_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -199,6 +230,7 @@ pub unsafe extern "C" fn sp_cp437_grid_fill( pub unsafe extern "C" fn sp_cp437_grid_width( cp437_grid: *const SPCp437Grid, ) -> usize { + assert!(!cp437_grid.is_null()); (*cp437_grid).0.width() } @@ -208,6 +240,10 @@ pub unsafe extern "C" fn sp_cp437_grid_width( /// /// - `cp437_grid`: instance to read from /// +/// # Panics +/// +/// - when `cp437_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -217,6 +253,7 @@ pub unsafe extern "C" fn sp_cp437_grid_width( pub unsafe extern "C" fn sp_cp437_grid_height( cp437_grid: *const SPCp437Grid, ) -> usize { + assert!(!cp437_grid.is_null()); (*cp437_grid).0.height() } @@ -224,6 +261,10 @@ pub unsafe extern "C" fn sp_cp437_grid_height( /// /// Will never return NULL. /// +/// # Panics +/// +/// - when `cp437_grid` is NULL +/// /// ## Safety /// /// The caller has to make sure that: 
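Review bot: The doc comment at the end of this file's last hunk still has `/// ## Safety` directly after the newly added `# Panics` section, so the safety contract reads as a subsection of Panics. The same commit changes the pixel-grid counterpart from `/// ## Safety` to `/// # Safety`, and this one should get the same one-character fix. The function this comment documents starts outside the hunk, so I am going by the doc lines alone.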
diff --git a/crates/servicepoint_binding_c/src/packet.rs b/crates/servicepoint_binding_c/src/packet.rs index ac27747..f2cffc4 100644 --- a/crates/servicepoint_binding_c/src/packet.rs +++ b/crates/servicepoint_binding_c/src/packet.rs @@ -14,6 +14,10 @@ pub struct SPPacket(pub(crate) servicepoint::packet::Packet); /// /// Will never return NULL. /// +/// # Panics +/// +/// - when `command` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -26,15 +30,22 @@ pub struct SPPacket(pub(crate) servicepoint::packet::Packet); pub unsafe extern "C" fn sp_packet_from_command( command: *mut SPCommand, ) -> *mut SPPacket { + assert!(!command.is_null()); let command = *Box::from_raw(command); let packet = SPPacket(command.0.into()); - Box::into_raw(Box::new(packet)) + let result = Box::into_raw(Box::new(packet)); + assert!(!result.is_null()); + result } /// Tries to load a [SPPacket] from the passed array with the specified length. /// /// returns: NULL in case of an error, pointer to the allocated packet otherwise /// +/// # Panics +/// +/// - when `data` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -48,6 +59,7 @@ pub unsafe extern "C" fn sp_packet_try_load( data: *const u8, length: usize, ) -> *mut SPPacket { + assert!(!data.is_null()); let data = std::slice::from_raw_parts(data, length); match servicepoint::packet::Packet::try_from(data) { Err(_) => null_mut(), @@ -59,6 +71,10 @@ pub unsafe extern "C" fn sp_packet_try_load( /// /// Will never return NULL. /// +/// # Panics +/// +/// - when `packet` is NULL +/// /// # Safety /// /// The caller has to make sure that: 
@@ -71,11 +87,18 @@ pub unsafe extern "C" fn sp_packet_try_load( pub unsafe extern "C" fn sp_packet_clone( packet: *const SPPacket, ) -> *mut SPPacket { - Box::into_raw(Box::new(SPPacket((*packet).0.clone()))) + assert!(!packet.is_null()); + let result = Box::into_raw(Box::new(SPPacket((*packet).0.clone()))); + assert!(!result.is_null()); + result } /// Deallocates a [SPPacket]. /// +/// # Panics +/// +/// - when `sp_packet_free` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -84,5 +107,6 @@ pub unsafe extern "C" fn sp_packet_clone( /// - `packet` is not used concurrently or after this call #[no_mangle] pub unsafe extern "C" fn sp_packet_free(packet: *mut SPPacket) { + assert!(!packet.is_null()); _ = Box::from_raw(packet) } diff --git a/crates/servicepoint_binding_c/src/pixel_grid.rs b/crates/servicepoint_binding_c/src/pixel_grid.rs index 6592ae5..8e937fc 100644 --- a/crates/servicepoint_binding_c/src/pixel_grid.rs +++ b/crates/servicepoint_binding_c/src/pixel_grid.rs @@ -42,9 +42,11 @@ pub unsafe extern "C" fn sp_pixel_grid_new( width: usize, height: usize, ) -> *mut SPPixelGrid { - Box::into_raw(Box::new(SPPixelGrid(servicepoint::PixelGrid::new( + let result = Box::into_raw(Box::new(SPPixelGrid(servicepoint::PixelGrid::new( width, height, - )))) + )))); + assert!(!result.is_null()); + result } /// Loads a [SPPixelGrid] with the specified dimensions from the provided data. @@ -58,6 +60,7 @@ pub unsafe extern "C" fn sp_pixel_grid_new( /// /// # Panics /// +/// - when `data` is NULL /// - when the dimensions and data size do not match exactly. /// - when the width is not dividable by 8 /// 
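Review bot: The new `# Panics` entry for `sp_packet_free` names the function instead of its parameter: `/// - when sp_packet_free is NULL`. The pointer actually checked is `packet`, as `assert!(!packet.is_null());` in the next hunk shows. The line should read `/// - when packet is NULL`, with `packet` in backticks like the other entries, so the generated C header documentation tells callers which argument must not be NULL.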
@@ -75,16 +78,23 @@ pub unsafe extern "C" fn sp_pixel_grid_load( data: *const u8, data_length: usize, ) -> *mut SPPixelGrid { + assert!(!data.is_null()); let data = std::slice::from_raw_parts(data, data_length); - Box::into_raw(Box::new(SPPixelGrid(servicepoint::PixelGrid::load( + let result = Box::into_raw(Box::new(SPPixelGrid(servicepoint::PixelGrid::load( width, height, data, - )))) + )))); + assert!(!result.is_null()); + result } /// Clones a [SPPixelGrid]. /// /// Will never return NULL. /// +/// # Panics +/// +/// - when `pixel_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -97,11 +107,18 @@ pub unsafe extern "C" fn sp_pixel_grid_load( pub unsafe extern "C" fn sp_pixel_grid_clone( pixel_grid: *const SPPixelGrid, ) -> *mut SPPixelGrid { - Box::into_raw(Box::new(SPPixelGrid((*pixel_grid).0.clone()))) + assert!(!pixel_grid.is_null()); + let result = Box::into_raw(Box::new(SPPixelGrid((*pixel_grid).0.clone()))); + assert!(!result.is_null()); + result } /// Deallocates a [SPPixelGrid]. /// +/// # Panics +/// +/// - when `pixel_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -111,6 +128,7 @@ pub unsafe extern "C" fn sp_pixel_grid_clone( /// - `pixel_grid` was not passed to another consuming function, e.g. to create a [SPCommand] #[no_mangle] pub unsafe extern "C" fn sp_pixel_grid_free(pixel_grid: *mut SPPixelGrid) { + assert!(!pixel_grid.is_null()); _ = Box::from_raw(pixel_grid); } @@ -123,7 +141,8 @@ pub unsafe extern "C" fn sp_pixel_grid_free(pixel_grid: *mut SPPixelGrid) { /// /// # Panics /// -/// When accessing `x` or `y` out of bounds. +/// - when `pixel_grid` is NULL +/// - when accessing `x` or `y` out of bounds /// /// # Safety /// @@ -137,6 +156,7 @@ pub unsafe extern "C" fn sp_pixel_grid_get( x: usize, y: usize, ) -> bool { + assert!(!pixel_grid.is_null()); (*pixel_grid).0.get(x, y) } 
@@ -152,7 +172,8 @@ pub unsafe extern "C" fn sp_pixel_grid_get( /// /// # Panics /// -/// When accessing `x` or `y` out of bounds. +/// - when `pixel_grid` is NULL +/// - when accessing `x` or `y` out of bounds /// /// # Safety /// @@ -167,6 +188,7 @@ pub unsafe extern "C" fn sp_pixel_grid_set( y: usize, value: bool, ) { + assert!(!pixel_grid.is_null()); (*pixel_grid).0.set(x, y, value); } @@ -177,6 +199,10 @@ pub unsafe extern "C" fn sp_pixel_grid_set( /// - `pixel_grid`: instance to write to /// - `value`: the value to set all pixels to /// +/// # Panics +/// +/// - when `pixel_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -188,6 +214,7 @@ pub unsafe extern "C" fn sp_pixel_grid_fill( pixel_grid: *mut SPPixelGrid, value: bool, ) { + assert!(!pixel_grid.is_null()); (*pixel_grid).0.fill(value); } @@ -197,6 +224,10 @@ pub unsafe extern "C" fn sp_pixel_grid_fill( /// /// - `pixel_grid`: instance to read from /// +/// # Panics +/// +/// - when `pixel_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -206,6 +237,7 @@ pub unsafe extern "C" fn sp_pixel_grid_fill( pub unsafe extern "C" fn sp_pixel_grid_width( pixel_grid: *const SPPixelGrid, ) -> usize { + assert!(!pixel_grid.is_null()); (*pixel_grid).0.width() } @@ -215,6 +247,10 @@ pub unsafe extern "C" fn sp_pixel_grid_width( /// /// - `pixel_grid`: instance to read from /// +/// # Panics +/// +/// - when `pixel_grid` is NULL +/// /// # Safety /// /// The caller has to make sure that: @@ -224,12 +260,17 @@ pub unsafe extern "C" fn sp_pixel_grid_width( pub unsafe extern "C" fn sp_pixel_grid_height( pixel_grid: *const SPPixelGrid, ) -> usize { + assert!(!pixel_grid.is_null()); (*pixel_grid).0.height() } /// Gets an unsafe reference to the data of the [SPPixelGrid] instance. /// -/// ## Safety +/// # Panics +/// +/// - when `pixel_grid` is NULL +/// +/// # Safety /// /// The caller has to make sure that: /// 
@@ -240,6 +281,7 @@ pub unsafe extern "C" fn sp_pixel_grid_height( pub unsafe extern "C" fn sp_pixel_grid_unsafe_data_ref( pixel_grid: *mut SPPixelGrid, ) -> SPByteSlice { + assert!(!pixel_grid.is_null()); let data = (*pixel_grid).0.data_ref_mut(); SPByteSlice { start: data.as_mut_ptr_range().start,